VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass.
2023-10-20T05:15:08.420
2024-11-21T08:06:28.853
Modified
CVSSv3.1: 7.8 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | vmware | aria_operations_for_logs | 4.0 | Yes |
Application | vmware | aria_operations_for_logs | 5.0 | Yes |
Application | vmware | aria_operations_for_logs | 8.10.2 | Yes |
Application | vmware | aria_operations_for_logs | 8.12 | Yes |