VMware warns admins of public exploit for vRealize RCE flaw

VMware warns admins of public exploit for vRealize RCE flaw


VMware warned customers on Monday that proof-of-concept (PoC) exploit code is now available for an authentication bypass flaw in vRealize Log Insight (now known as VMware Aria Operations for Logs).

“Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published,” the company said in an update to the original advisory.

Tracked as CVE-2023-34051, it allows unauthenticated attackers to execute code remotely with root permissions if certain conditions…



Source link