Unauthorized Access to Remote Organizations and Workflows
CVE-2023-34063
Key Information:
- Vendor
- N/A
- Status
- VMware Aria Automation, VMware Cloud Foundation
- Vendor
- CVE Published:
- 16 January 2024
Badges
Summary
VMware Aria Automation is impacted by a missing access control vulnerability that could allow an authenticated malicious actor to gain unauthorized access to enterprise-level workflows and remote organizations. This vulnerability can potentially lead to significant data breaches and compromise sensitive information, emphasizing the need for immediate remediation and robust access controls.
Affected Version(s)
VMware Aria Automation, VMware Cloud Foundation Aria Automation 8.14.1, Aria Automation 8.14.0, Aria Automation 8.13.1, Aria Automation 8.13.0, Aria Automation 8.12.2, Aria Automation 8.12.1, Aria Automation 8.12.0, Aria Automation 8.11.2, Aria Automation 8.11.1, Aria Automation 8.11.0
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
Help Net SecurityWeek in review: 10 cybersecurity frameworks you need to know, exploited Chrome zero-day fixed - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key elements for a successful cyber risk management
1 year ago
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) - Help Net Security
A critical vulnerability (CVE-2023-35082) affecting Ivanti EPMM and MobileIron Core mobile management software is being actively exploited.
1 year ago
Help Net SecurityCVE-2023-34063VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063) - Help Net Security
A vulnerability (CVE-2023-34063) in VMware Aria Automation can be exploited to gain access to remote organizations and workflows.
1 year ago
References
CVSS V3.1
Timeline
- 📰
First article discovered by Help Net Security
Vulnerability published
Vulnerability Reserved