Aria Operations
CVE-2023-34043
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
AnalysisAI
VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. Affected products include: Vmware Aria Operations, Vmware Cloud Foundation.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
More in Aria Operations
View allVMware Aria Operations contains a command injection vulnerability (CVE-2026-22719, CVSS 8.1) that allows unauthenticated
Stored XSS in VMware Aria Operations allows authenticated users with benchmark creation privileges to inject malicious s
VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnera
VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnera
VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulne
VMware Aria Operations contains a privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerabili
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.4), this vuln
Privilege escalation in VMware Aria Operations allows authenticated users with vCenter access to escalate their privileg
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vuln
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vuln
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.
VMware Aria Operations contains an information disclosure vulnerability. Rated high severity (CVSS 7.7), this vulnerabil
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today