Attackers Exploit VMware’s Aria Operations for Logs Vulnerability
Attackers Exploit VMware’s Aria Operations for Logs Vulnerability
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
A critical authentication bypass vulnerability (CVE-2023-34051) in VMware Aria Operations for Logs allows remote code execution with root privileges under certain conditions, raising concerns for compromised networks. The security patch attempted to address the issue by blocking Thrift ports but left other vulnerabilities unpatched, which attackers can bypass by spoofing their IP address.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.