SB2023102007 - Multiple vulnerabilities in VMware Aria Operations for Logs

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper Authentication (CVE-ID: CVE-2023-34051)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the authentication process. A remote non-authenticated attacker can bypass authentication process and inject files into the operating system of an impacted appliance.

Successful exploitation of the vulnerability can result in remote code execution and full compromise of the affected appliance.

2) Deserialization of Untrusted Data (CVE-ID: CVE-2023-34052)

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application, bypass authentication process and execute arbitrary code on the target system.

Remediation

Install update from vendor's website.

References

• https://www.vmware.com/security/advisories/VMSA-2023-0021.html
• https://www.vmware.com/security/advisories/VMSA-2023-00210.html