=====================================================================

                              CERT-Renater

                    Information Note No. 2023/VULN427

_____________________________________________________________________

DATE                : 20/10/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running VMware Aria Operations for Logs
                                versions prior to 8.14,
             VMware Cloud Foundation (VMware Aria Operations for Logs).

=====================================================================
https://www.vmware.com/security/advisories/VMSA-2023-0021.html
_____________________________________________________________________


Important
Advisory ID:     VMSA-2023-0021
CVSSv3 Range:    8.1
Issue Date:      2023-10-19
Updated On:      2023-10-19 (Initial Advisory)
CVE(s):          CVE-2023-34051, CVE-2023-34052
Synopsis:
VMware Aria Operations for Logs updates address multiple 
vulnerabilities. (CVE-2023-34051, CVE-2023-34052)


1. Impacted Products

     Aria Operations for Logs


2. Introduction

Multiple vulnerabilities in VMware Aria Operations for Logs were privately
reported to VMware. Updates are available to remediate these vulnerabilities
in affected VMware products.

3a. Authentication Bypass Vulnerability (CVE-2023-34051)

Description

VMware Aria Operations for Logs contains an authentication bypass
vulnerability. VMware has evaluated the severity of this issue to be in
the Important Severity Range with a maximum CVSSv3 base score of 8.1.

Known Attack Vectors

An unauthenticated, malicious actor can inject files into the operating
system of an impacted appliance which can result in remote code
execution.

Resolution

To remediate CVE-2023-34051 apply the updates listed in the 'Fixed
Version' column of the 'Response Matrix' below.

Workarounds

None.

Additional Documentation

None.

Notes

None.

Acknowledgements

VMware would like to thank James Horseman from Horizon3.ai and
Randori Attack Team (https://twitter.com/RandoriAttack) for
reporting this issue to us.

3b. Deserialization Vulnerability (CVE-2023-34052)

Description

VMware Aria Operations for Logs contains a deserialization
vulnerability. VMware has evaluated the severity of this issue
to be in the Important Severity Range with a maximum CVSSv3
base score of 8.1.

Known Attack Vectors

A malicious actor with non-administrative access to the local
system can trigger the deserialization of data which could
result in authentication bypass.

Resolution

To remediate CVE-2023-34052 apply the updates listed in the
'Fixed Version' column of the 'Response Matrix' below.

Workarounds

None.

Additional Documentation

None.

Notes

None.

Acknowledgements

VMware would like to thank IuHrm of Cyber KunLun for
reporting this issue to us.


Response Matrix

Product:                  VMware Aria Operations for Logs
Version:                  8.14
Running On:               Any
CVE Identifier:           CVE-2023-34051, CVE-2023-34052
CVSSv3:                   N/A
Severity:                 N/A
Fixed Version:            Unaffected
Workarounds:              N/A
Additional Documentation: N/A

Product:                  VMware Aria Operations for Logs
Version:                  8.x (prior to 8.14)
Running On:               Any
CVE Identifier:           CVE-2023-34051, CVE-2023-34052
CVSSv3:                   8.1
Severity:                 Important
Fixed Version:            8.14
Workarounds:              N/A
Additional Documentation: N/A

Product:                  VMware Cloud Foundation (VMware Aria Operations for Logs)
Version:                  5.x, 4.x
Running On:               Any
CVE Identifier:           CVE-2023-34051, CVE-2023-34052
CVSSv3:                   8.1
Severity:                 Important
Fixed Version:            KB95212
Workarounds:              N/A
Additional Documentation: N/A
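The Response Matrix above reduces to one rule for the 8.x train: anything
below 8.14 needs the upgrade, 8.14 and later is unaffected. The script
below, an added example that is not part of the VMware advisory or of
CERT-Renater's note, applies that rule to an appliance inventory. The
inventory format (one "hostname version" line per appliance) and every
hostname and version in SAMPLE_INVENTORY are constructed for the example.
It deliberately compares versions as integer tuples, because the obvious
string comparison puts "8.9" after "8.14" and would mark an affected
appliance as patched. VMware Cloud Foundation deployments are not modelled
here; the matrix sends those to KB95212 rather than to a version number.

```python
"""Response-matrix triage for VMware Aria Operations for Logs appliances
(added example; not VMware or CERT-Renater code).

Reads a constructed inventory of 'hostname version' lines and reports, per
appliance, whether VMSA-2023-0021 requires an upgrade to 8.14.
"""
import re
from typing import Dict, Tuple

FIXED_VERSION = (8, 14)   # 'Fixed Version' column of the Response Matrix
AFFECTED_MAJOR = 8        # the matrix covers the 8.x train only

# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = """\
loginsight-01   8.12.0
loginsight-02   8.14
loginsight-03   8.9.1-21374
loginsight-04   8.14.0.10
vcf-logs-01     8.10.2
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """'8.9.1-21374' -> (8, 9, 1), dropping any build suffix.

    Integer tuples compare numerically, so (8, 9) < (8, 14) holds; a plain
    string comparison gets this wrong because '9' sorts after '1'.
    """
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def status_for(version: str) -> str:
    """Map one version string onto the advisory's Response Matrix."""
    v = parse_version(version)
    if v[0] != AFFECTED_MAJOR:
        return "not covered by the Response Matrix (not 8.x)"
    if v >= FIXED_VERSION:          # (8, 14, 0, 10) >= (8, 14) is True
        return "unaffected (8.14 or later)"
    return "affected: upgrade to 8.14 (CVE-2023-34051, CVE-2023-34052)"


def triage(inventory: str) -> Dict[str, str]:
    """Return {hostname: status} for every non-blank, non-comment line."""
    result: Dict[str, str] = {}
    for line in inventory.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        host, version = line.split(maxsplit=1)
        result[host] = status_for(version)
    return result


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:15} {status}")
```

Feed it the real inventory export instead of SAMPLE_INVENTORY; any
appliance reported as "affected" has no workaround per the advisory and
should be scheduled for the 8.14 upgrade.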


4. References

Fixed Version(s) and Release Notes:

VMware Aria Operations for Logs (Operations for Logs) 8.14 Release Notes

Downloads and Documentation:

https://customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_aria_operations/8_14

https://docs.vmware.com/en/VMware-Aria-Operations/8.14/rn/vmware-aria-operations-814-release-notes/index.html

VMware Cloud Foundation: KB95212

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34051

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34052

FIRST CVSSv3 Calculator:

CVE-2023-34051 - 
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2023-34052 - 
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H


5. Change Log

2023-10-19 VMSA-2023-0021

Initial security advisory.


6. Contact

E-mail list for product security notifications and announcements:

http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:
security-announce@lists.vmware.com

E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2023 VMware Inc. All rights reserved.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
