Vmware · Vmware Aria Operations For Logs · CVE-2023-34051
**Name of the Vulnerable Software and Affected Versions**
VMware Aria Operations for Logs (affected versions not specified)
**Description**
The issue is related to an authentication bypass vulnerability in VMware Aria Operations for Logs. This vulnerability can be exploited by an unauthenticated, malicious actor to inject files into the operating system of an impacted appliance, resulting in remote code execution. It is estimated that around 139 devices are affected, mainly distributed in Singapore, South Africa, and other countries. A proof-of-concept exploit for this vulnerability has been released, and VMware has warned customers about its existence.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.