Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-34060: VMSA-2023-0026

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.

CVE
#vulnerability#git#vmware#auth#ssh

Advisory ID: VMSA-2023-0026

CVSSv3 Range: 9.8

Issue Date: 2023-11-14

Updated On: 2023-11-14 (Initial Advisory)

CVE(s): CVE-2023-34060

Synopsis: VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).

****1. Impacted Products****

  • VMware Cloud Director Appliance (VCD Appliance)

****2. Introduction****

An authentication bypass vulnerability in VMware Cloud Director Appliance was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware product.

****3a. Authentication Bypass Vulnerability (CVE-2023-34060)****

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from
an older version. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login
restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider
and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.

To remediate CVE-2023-34060 follow the guidance mentioned in KB95534 in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

Only deployments that have upgraded to 10.5 from an older release are impacted by CVE-2023-34060. New deployments of 10.5 are not impacted by CVE-2023-34060.

VMware Cloud Director Appliance is impacted by this vulnerability due to the underlying Photon OS: https://github.com/vmware/photon/wiki/Security-Advisories

VMware has determined other appliances to not be impacted by this vulnerability.

Product

Version

Running On

CVE Identifier

CVSSv3

Severity

Fixed Version

Workarounds

Additional Documentation

VMware Cloud Director Appliance

10.5 if upgraded from 10.4.x or below.

Photon OS

CVE-2023-34060

9.8

critical

KB95534

N/A

None

VMware Cloud Director Appliance

10.5 new install

Photon OS

CVE-2023-34060

N/A

N/A

Unaffected

N/A

None

VMware Cloud Director Appliance

10.4.x and Below

Photon OS

CVE-2023-34060

N/A

N/A

Unaffected

N/A

None

****4. References****

****5. Change Log****

**2023-11-14 VMSA-2023-0026
**Initial security advisory.

****6. Contact****

Related news

VMware Cloud Director 10.5 Authentication Bypass

VMware Cloud Director version 10.5 suffers from an authentication bypass vulnerability.

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability

VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907