cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-34051,https://securityvulnerability.io/vulnerability/CVE-2023-34051,Authentication Bypass in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is impacted by a vulnerability that allows an unauthenticated attacker to bypass authentication protocols. By exploiting this flaw, a malicious user can inject arbitrary files into the operating system of the affected appliance, leading to potential remote code execution. Organizations using this software should prioritize mitigating this risk to protect their systems from unauthorized access and exploitation.",Vmware,VMware Aria Operations for Logs,9.8,CRITICAL,0.0021800000686198473,false,false,false,true,true,false,false,2023-10-20T05:15:00.000Z,0
CVE-2023-34052,https://securityvulnerability.io/vulnerability/CVE-2023-34052,Deserialization Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs suffers from a deserialization vulnerability that can be exploited by an attacker with non-administrative access. This flaw allows a malicious actor to manipulate the data's deserialization process, potentially leading to authentication bypass, thereby compromising the integrity of user authentication and system security.",Vmware,Vmware Aria Operations For Logs,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2023-10-20T05:15:00.000Z,0
CVE-2023-20864,https://securityvulnerability.io/vulnerability/CVE-2023-20864,Deserialization Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is affected by a deserialization vulnerability that allows unauthenticated attackers with network access to execute arbitrary code with root privileges. This vulnerability poses a significant risk as it can be exploited remotely, enabling malicious actors to gain unauthorized access and potentially compromise system integrity. Organizations utilizing this product should take immediate action to implement patches and ensure their systems are secure against potential exploit attempts.",Vmware,VMware Aria Operations for Logs (formerly vRealize Log Insight),9.8,CRITICAL,0.26137998700141907,false,false,false,false,,false,false,2023-04-20T00:00:00.000Z,0
CVE-2023-20865,https://securityvulnerability.io/vulnerability/CVE-2023-20865,Command Injection Vulnerability in VMware Aria Operations for Logs,"A command injection vulnerability has been identified in VMware Aria Operations for Logs. This flaw allows an attacker with administrative access to execute arbitrary commands with root privileges, potentially leading to unauthorized access and control over the affected system. It is essential for organizations using this product to investigate and apply the recommended security patches to mitigate the risks associated with this vulnerability.",Vmware,VMware Aria Operations for Logs (formerly vRealize Log Insight),7.2,HIGH,0.000910000002477318,false,false,false,false,,false,false,2023-04-20T00:00:00.000Z,0