Severity
High
Analysis Summary
CVE-2023-34063
VMware Aria Automation could allow a remote authenticated attacker to bypass security restrictions, caused by a missing access control vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to gain unauthorized access to remote organizations and workflows.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-34063
Affected Vendors
VMware
Affected Products
- VMware Cloud Foundation 4.0
- VMware Cloud Foundation 5.0
- VMware Aria Automation 8.11
- VMware Aria Automation 8.12
- VMware Aria Automation 8.13
- VMware Aria Automation 8.14
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.