Attackers Exploit VMware’s Aria Operations for Logs Vulnerability
Threat Level – Red | Vulnerability Report
Download PDFA critical authentication bypass vulnerability (CVE-2023-34051) in VMware Aria Operations for Logs allows remote code execution with root privileges under certain conditions, raising concerns for compromised networks. The security patch attempted to address the issue by blocking Thrift ports but left other vulnerabilities unpatched, which attackers can bypass by spoofing their IP address.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox