CVE Vulnerabilities

CVE-2023-34064

Published: Dec 12, 2023 | Modified: Dec 18, 2023

CVSS 3.x

4.6

MEDIUM

Source:

NVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-34064
CWE	https://cwe.mitre.org/data/definitions/.html

Workspace ONE Launcher contains a Privilege Escalation Vulnerability. A malicious actor with physical access to Workspace ONE Launcher could utilize the Edge Panel feature to bypass setup to gain access to sensitive information.

Affected Software

Name	Vendor	Start Version	End Version
Workspace_one_launcher	Vmware	22.01 (including)	23.11 (excluding)

References

https://www.vmware.com/security/advisories/VMSA-2023-0027.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.