exploitDog

GHSA-ghvx-5v39-7hv5

Опубликовано: 20 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

Ссылки

EPSS

Процентиль: 98%

0.57738

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2023-34051

CVSS3: 9.8

nvd

больше 2 лет назад

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

BDU:2023-07029

CVSS3: 8.1

fstec

больше 2 лет назад

Уязвимость инструмента для анализа сетевых журналов VMware Aria Operations for Logs, связанная с возможностью обхода аутентификации, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 98%

0.57738

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-863