Published: 16/01/2024 Updated: 25/01/2024

CVSS v3 Base Score: 8.3 | Impact Score: 5.5 | Exploitability Score: 2.8

VMScore: 0

Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware cloud foundation 4.0
vmware cloud foundation 5.0
vmware aria automation 8.11.0
vmware aria automation 8.11.1
vmware aria automation 8.11.2
vmware aria automation 8.12.2
vmware aria automation 8.12.0
vmware aria automation 8.12.1
vmware aria automation 8.13.0
vmware aria automation 8.13.1
vmware aria automation 8.14.1
vmware aria automation 8.14.0

Patch now: Critical VMware, Atlassian flaws found

The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources You didn't have anything else to do this Tuesday, right?

VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment. First off, a pair of issues from Atlassian. Most serious is CVE-2023-22527, a template injection flaw that can allow unauthenticated remote code execution (RCE) attacks. It scored a perfect CVSS rating of 10 out of 10 and affects Confluence Data Center and Server 8 versions released before December 5, 2023 and 8.4.5, wh...

CVE-2023-34063

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect