Unauthorized Access to Remote Organizations and Workflows
CVE-2023-34063
Key Information
- Vendor
- N/A
- Status
- VMware Aria Automation, VMware Cloud Foundation
- Vendor
- CVE Published:
- 16 January 2024
Badges
Summary
Aria Automation contains a Missing Access Control vulnerability.
An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.
Affected Version(s)
VMware Aria Automation, VMware Cloud Foundation = Aria Automation 8.14.1, Aria Automation 8.14.0, Aria Automation 8.13.1, Aria Automation 8.13.0, Aria Automation 8.12.2, Aria Automation 8.12.1, Aria Automation 8.12.0, Aria Automation 8.11.2, Aria Automation 8.11.1, Aria Automation 8.11.0
News Articles
Help Net SecurityWeek in review: 10 cybersecurity frameworks you need to know, exploited Chrome zero-day fixed - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key elements for a successful cyber risk management
11 months ago
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) - Help Net Security
A critical vulnerability (CVE-2023-35082) affecting Ivanti EPMM and MobileIron Core mobile management software is being actively exploited.
11 months ago
Help Net SecurityCVE-2023-34063VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063) - Help Net Security
A vulnerability (CVE-2023-34063) in VMware Aria Automation can be exploited to gain access to remote organizations and workflows.
11 months ago
Refferences
CVSS V3.1
Timeline
First article discovered by Help Net Security
Vulnerability published
Vulnerability Reserved