WARNING: CRITICAL VULNERABILITY AFFECTS VMWARE ARIA AUTOMATION
Reference:
Advisory #2024-008
Version:
1.0
Affected software:
VMWare Aria Automation 8.11.x, 8.12.x, 8.13.x, 8.14.x
VMWare Cloud Foundation (Aria Automation) 4.x, 5.x
Type:
Unauthorized Access
CVE/CVSS:
CVE-2023-34063 :CVSS 9.9 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H)
Datum:
17/01/2024
Sources
https://www.vmware.com/security/advisories/VMSA-2024-0001.html
Risks
VMWare has released security patches to address a critical vulnerability that is affecting Aria Automation (formerly vRealize Automation).
The vulnerability has a low attack complexity, does not require user interaction and has a HIGH impact on Integrity and Availability.
Description
CVE-2023-34063: Unauthorized access vulnerability
An authenticated attacker with low privileges can exploit this vulnerability and get unauthorized access to remote organizations and workflows due to missing access control mechanisms.
Recommended Actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.