CVE-2023-34043

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:aria_operations:8.6.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.10.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix1:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix2:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix3:*:*:*:*:*:*
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:06

Type Values Removed Values Added
References () https://www.vmware.com/security/advisories/VMSA-2023-0020.html - Patch, Vendor Advisory () https://www.vmware.com/security/advisories/VMSA-2023-0020.html - Patch, Vendor Advisory

29 Sep 2023, 18:22

Type Values Removed Values Added
CPE cpe:2.3:a:vmware:aria_operations:8.10.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix3:*:*:*:*:*:*
cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix2:*:*:*:*:*:*
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix1:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.6.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:aria_operations:8.12.0:-:*:*:*:*:*:*
CWE CWE-269
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.7
References (MISC) https://www.vmware.com/security/advisories/VMSA-2023-0020.html - (MISC) https://www.vmware.com/security/advisories/VMSA-2023-0020.html - Patch, Vendor Advisory
First Time Vmware
Vmware aria Operations
Vmware cloud Foundation

27 Sep 2023, 15:18

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-27 15:18

Updated : 2024-11-21 08:06


NVD link : CVE-2023-34043

Mitre link : CVE-2023-34043

CVE.ORG link : CVE-2023-34043


JSON object : View

Products Affected

vmware

  • cloud_foundation
  • aria_operations
CWE
CWE-269

Improper Privilege Management