Main Vulnerability Database Exploits ID:9393 - Exploit for Improper Authentication in Aria Operations for Logs (formerly vRealize Log Insight) - CVE-2023-34051

ID:9393 - Exploit for Improper Authentication in Aria Operations for Logs (formerly vRealize Log Insight) - CVE-2023-34051

Published: October 25, 2023

Vulnerability identifier: #VU82267

Vulnerability risk: High

CVE-ID: CVE-2023-34051

CWE-ID: CWE-287

Exploitation vector: Remote access

Vulnerable software:
Aria Operations for Logs (formerly vRealize Log Insight)

Link to public exploit:

https://github.com/horizon3ai/CVE-2023-34051

Vulnerability description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the authentication process. A remote non-authenticated attacker can bypass authentication process and inject files into the operating system of an impacted appliance.

Successful exploitation of the vulnerability can result in remote code execution and full compromise of the affected appliance.

Remediation

Install updates from vendor's website.

ID:9393 - Exploit for Improper Authentication in Aria Operations for Logs (formerly vRealize Log Insight) - CVE-2023-34051

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human