VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs

Spread the love


This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/.

Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). In that report, we showed how an attacker could use three different CVEs to achieve remote code execution. During the course of that investigation, we noticed the fix provided by VMware was not sufficient to stop a…



Source link