VMware’s multi-cloud infrastructure automation platform, Aria Automation, has a critical vulnerability that external researchers have found. VMware is advising customers to patch it.
Tracked as CVE-2023-34063, the vulnerability affects Cloud Foundation and Aria Automation (formerly vRealize Automation) versions 8.16 and lower. It has a CVSS score of 9.9. According to descriptions of the vulnerability, it’s a missing access control issue that could give an authorized attacker access to remote organizations and workflows without authorization.
VMware has notified customers to install the patches as soon as possible for all affected versions. However, the business stated that it is not currently aware of any exploitation occurring in the wild.
Read More: VMware Urges Customers to Patch Critical Aria Automation Vulnerability
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates
