CVE-2023-34051

CRITICAL

VMware Aria Operations for Logs - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-34051. PoCs published by horizon3ai.

AI-analyzed exploit summary This PoC exploits CVE-2023-34051, an authentication bypass in VMware vRealize Log Insight, by chaining multiple vulnerabilities (CVE-2022-31706, CVE-2022-31704, CVE-2022-31711) to achieve arbitrary file write and execute a reverse shell via cron job.

Description

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

Exploits (1)

nomisec WORKING POC 61 stars
by horizon3ai · poc
https://github.com/horizon3ai/CVE-2023-34051

This PoC exploits CVE-2023-34051, an authentication bypass in VMware vRealize Log Insight, by chaining multiple vulnerabilities (CVE-2022-31706, CVE-2022-31704, CVE-2022-31711) to achieve arbitrary file write and execute a reverse shell via cron job.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: VMware vRealize Log Insight (prior to patch for VMSA-2023-0021)
No auth needed
Prerequisites: Network access to target · Same IP address as a master/worker node · HTTP server to host payload
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.4467
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-863
Status published
Products (7)
vmware/aria_operations_for_logs 4.0
vmware/aria_operations_for_logs 5.0
vmware/aria_operations_for_logs 8.6
vmware/aria_operations_for_logs 8.8
vmware/aria_operations_for_logs 8.10
vmware/aria_operations_for_logs 8.10.2
vmware/aria_operations_for_logs 8.12
Published Oct 20, 2023
Tracked Since Feb 18, 2026