
CVSS: 10.0 • EPSS: 78% • CPEs: 7 • EXPL: 1

20 Oct 2023 — VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. • https://github.com/horizon3ai/CVE-2023-34051 • CWE-863: Incorrect Authorization •

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

20 Oct 2023 — VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass. • https://www.vmware.com/security/advisories/VMSA-2023-0021.html • CWE-502: Deserialization of Untrusted Data •

CVSS: 5.0 • EPSS: 40% • CPEs: 2 • EXPL: 1

19 Oct 2023 — In Spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9, allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes could be deserialized. Specifically, an application is vulnerable if * the SimpleMessageConverter or SerializerMessageConverter is used * the user does not configure allowed list patterns * untrusted message originat... • https://github.com/X1r0z/spring-amqp-deserialization • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.7 • EPSS: 0% • CPEs: 8 • EXPL: 0

26 Sep 2023 — VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. • https://www.vmware.com/security/advisories/VMSA-2023-0020.html • CWE-269: Improper Privilege Management •

CVSS: 5.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

20 Sep 2023 — A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An application is vulnerable if it provides a DataLoaderOptions instance when registering batch loader functions through DefaultBatchLoaderRegistry. • https://spring.io/security/cve-2023-34047 •

CVSS: 7.5 • EPSS: 1% • CPEs: 13 • EXPL: 0

31 Aug 2023 — A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . • http://www.openwall.com/lists/oss-security/2023/08/31/1 • CWE-294: Authentication Bypass by Capture-replay • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 8.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

29 Aug 2023 — Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution. • https://www.vmware.com/security/advisories/VMSA-2023-0018.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0 • EPSS: 51% • CPEs: 1 • EXPL: 8

29 Aug 2023 — Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI. • https://packetstorm.news/files/id/175320 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.8 • EPSS: 10% • CPEs: 2 • EXPL: 4

24 Aug 2023 — In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deserialization exception record headers. Specifically, an application is vulnerable when all of the following are true: * The user does not configure an ErrorHandlingDeserializer for the key and/or value of the record * The user explicitly sets container p... • https://github.com/Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040 • CWE-502: Deserialization of Untrusted Data •

CVSS: 5.3 • EPSS: 0% • CPEs: 8 • EXPL: 0

04 Aug 2023 — VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration. • https://www.vmware.com/security/advisories/VMSA-2023-0017.html •