Headline
CVE-2023-34060: VMSA-2023-0026
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.
Advisory ID: VMSA-2023-0026
CVSSv3 Range: 9.8
Issue Date: 2023-11-14
Updated On: 2023-11-14 (Initial Advisory)
CVE(s): CVE-2023-34060
Synopsis: VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).
****1. Impacted Products****
- VMware Cloud Director Appliance (VCD Appliance)
****2. Introduction****
An authentication bypass vulnerability in VMware Cloud Director Appliance was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware product.
****3a. Authentication Bypass Vulnerability (CVE-2023-34060)****
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from
an older version. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login
restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider
and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.
To remediate CVE-2023-34060 follow the guidance mentioned in KB95534 in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Only deployments that have upgraded to 10.5 from an older release are impacted by CVE-2023-34060. New deployments of 10.5 are not impacted by CVE-2023-34060.
VMware Cloud Director Appliance is impacted by this vulnerability due to the underlying Photon OS: https://github.com/vmware/photon/wiki/Security-Advisories
VMware has determined other appliances to not be impacted by this vulnerability.
Product
Version
Running On
CVE Identifier
CVSSv3
Severity
Fixed Version
Workarounds
Additional Documentation
VMware Cloud Director Appliance
10.5 if upgraded from 10.4.x or below.
Photon OS
CVE-2023-34060
9.8
critical
KB95534
N/A
None
VMware Cloud Director Appliance
10.5 new install
Photon OS
CVE-2023-34060
N/A
N/A
Unaffected
N/A
None
VMware Cloud Director Appliance
10.4.x and Below
Photon OS
CVE-2023-34060
N/A
N/A
Unaffected
N/A
None
****4. References****
****5. Change Log****
**2023-11-14 VMSA-2023-0026
**Initial security advisory.
****6. Contact****
Related news
VMware Cloud Director version 10.5 suffers from an authentication bypass vulnerability.
VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with