Is CVE-2023-34051 known to be exploited?

12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Vmware Aria Operations For Logs

CVE-2023-34051

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

EPSS: 0.552 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a Vmware Aria Operations For Logs — versions VMware Aria Operations for Logs 8.x, VMware Cloud Foundation (VMware Aria Operations for Logs) 5.x 4.x

Public proof-of-concept exploits

horizon3ai/CVE-2023-34051
20142995/sectool
ARPSyndicate/cve-scores
Threekiii/CVE
ZonghaoLi777/githubTrending
aneasystone/github-trending
20142995/nuclei-templates
johe123qwe/github-trending
nomi-sec/PoC-in-GitHub
sampsonv/github-trending

References

www.vmware.com/security/advisories/VMSA-2023-0021.html

Frequently asked questions

What is CVE-2023-34051?: CVE-2023-34051 is a vulnerability in Vmware Aria Operations For Logs. Published 2023-10-20.
Is CVE-2023-34051 known to be exploited?: 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.