Skip to content

VMware Aria Automation Missing Access Control Vulnerability (CV-2023-34063)

VMware just release a patch for Aria Automation that address the vulnerability that was discovered and which was evaluated with a maximum base score of 9.9.

In order to patch Aria Automation you will have to download the new patch in Aria Suite Lifecycle. You can check patches online or if you don’t have internet connection you can manually download from VMware portal, then upload it on the Aria Suite Lifecycle virtual machine. If you manually download it you will have to add the patch binary.

To do that, go to Settings > Binary Mapping

Before moving forward with the patching, please make sure you took a snapshot of the Aria Automation virtual machine.

After you have the snapshot and added the new patch, go to Environments, select VMware Aria Automation and choose Install Patch.

Once you click on Install Patch you will have the option to Select Patch and after that a pre-check will be made.

If the pre-check is green, click next and submit and the installation will take around 45 minutes.

To check that the patch was installed, SSH on the Aria Automation VM and run vracli version patch, which will display the installed patch.

Published inGeneral

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.