Headline
RHSA-2023:5313: Red Hat Security Advisory: open-vm-tools security update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-20900: An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. This issue may allow a malicious actor with man-in-the-middle (MITM) network positioning between a vCenter server and the virtual machine to bypass SAML token signature verification to perform guest operations.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Quarkus
Integration and Automation
All Products
Issued:
2023-09-20
Updated:
2023-09-20
RHSA-2023:5313 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: open-vm-tools security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for open-vm-tools is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.
Security Fix(es):
- open-vm-tools: SAML token signature bypass (CVE-2023-20900)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
- Red Hat Enterprise Linux Server - AUS 9.2 x86_64
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
Fixes
- BZ - 2236542 - CVE-2023-20900 open-vm-tools: SAML token signature bypass
Red Hat Enterprise Linux for x86_64 9
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
x86_64
open-vm-tools-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 6ccc8d017f4fecf61470d52e2666dc3c270ac794858ff2eb5a4615be98af75cd
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 80c7cdbce8f66a90ddf6d6acf0806b8ad9549969f30344c72f6638cf2a2e5db3
open-vm-tools-debugsource-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 510da0e09fa0bcd7464f5a78dcdd17c1c89d8457c1ed3ecbd5571c039e2170f5
open-vm-tools-desktop-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: e48504eb39df3b9c84557eb8586ca57c55e9526f0bda8745e8059901e9147082
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 5eb56d61e0193ca9d35abacdf0492fd21504eb1e997caea26ff7fdf74fe60d74
open-vm-tools-salt-minion-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: a3122e9cdca82d50485b9cfa76de0859d00efdc4be8f619eead100efe7744f5b
open-vm-tools-sdmp-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: ce1cbb3cde0538cc07ed9ef06949e35f4f41764a3b24fd650189e9ba5d0e5a99
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: d5888e0f3e96a127991f0f002984ae6a0d46ec21712d968a0a3afbc16cb58f47
open-vm-tools-test-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 0c1ad0f89ac54b541fa4351b076c3312558dfc1779fb859cdb03a3b52260d4d0
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 8b5b625bb39fd3d757161266855ec0ac13eb38116563b3d44f4ec57b209db9b6
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
x86_64
open-vm-tools-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 6ccc8d017f4fecf61470d52e2666dc3c270ac794858ff2eb5a4615be98af75cd
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 80c7cdbce8f66a90ddf6d6acf0806b8ad9549969f30344c72f6638cf2a2e5db3
open-vm-tools-debugsource-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 510da0e09fa0bcd7464f5a78dcdd17c1c89d8457c1ed3ecbd5571c039e2170f5
open-vm-tools-desktop-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: e48504eb39df3b9c84557eb8586ca57c55e9526f0bda8745e8059901e9147082
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 5eb56d61e0193ca9d35abacdf0492fd21504eb1e997caea26ff7fdf74fe60d74
open-vm-tools-salt-minion-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: a3122e9cdca82d50485b9cfa76de0859d00efdc4be8f619eead100efe7744f5b
open-vm-tools-sdmp-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: ce1cbb3cde0538cc07ed9ef06949e35f4f41764a3b24fd650189e9ba5d0e5a99
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: d5888e0f3e96a127991f0f002984ae6a0d46ec21712d968a0a3afbc16cb58f47
open-vm-tools-test-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 0c1ad0f89ac54b541fa4351b076c3312558dfc1779fb859cdb03a3b52260d4d0
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 8b5b625bb39fd3d757161266855ec0ac13eb38116563b3d44f4ec57b209db9b6
Red Hat Enterprise Linux Server - AUS 9.2
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
x86_64
open-vm-tools-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 6ccc8d017f4fecf61470d52e2666dc3c270ac794858ff2eb5a4615be98af75cd
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 80c7cdbce8f66a90ddf6d6acf0806b8ad9549969f30344c72f6638cf2a2e5db3
open-vm-tools-debugsource-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 510da0e09fa0bcd7464f5a78dcdd17c1c89d8457c1ed3ecbd5571c039e2170f5
open-vm-tools-desktop-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: e48504eb39df3b9c84557eb8586ca57c55e9526f0bda8745e8059901e9147082
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 5eb56d61e0193ca9d35abacdf0492fd21504eb1e997caea26ff7fdf74fe60d74
open-vm-tools-salt-minion-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: a3122e9cdca82d50485b9cfa76de0859d00efdc4be8f619eead100efe7744f5b
open-vm-tools-sdmp-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: ce1cbb3cde0538cc07ed9ef06949e35f4f41764a3b24fd650189e9ba5d0e5a99
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: d5888e0f3e96a127991f0f002984ae6a0d46ec21712d968a0a3afbc16cb58f47
open-vm-tools-test-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 0c1ad0f89ac54b541fa4351b076c3312558dfc1779fb859cdb03a3b52260d4d0
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 8b5b625bb39fd3d757161266855ec0ac13eb38116563b3d44f4ec57b209db9b6
Red Hat Enterprise Linux for ARM 64 9
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
aarch64
open-vm-tools-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 2119f1c7ad8777b4415c9e33ea29c20f323ec795c58c7e82a8bed23a20a91f45
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 5ce2cccf08f6ae4093f6c3a9670036e9e563c5c3fa9f3ea956c12e657ac7e562
open-vm-tools-debugsource-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 5e1e96236b49b507cb787144645b357e57f69e6501e5e80da826fa9166239333
open-vm-tools-desktop-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e405928d67a858bf1bc16f6344d478e70c957cf4698d2fcc958e6dc9dc9a4a8b
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e2819fde7b837f064079ae71a54131279df52b1535ea2eab78d107b54d5e329f
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: dfe3235a0d1bbf9dbf51a9551dfe3b373237cd65365117f9462affbdedf3e792
open-vm-tools-test-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e42958d2be5f64cd916ce6b53593961d23c049b834c1c017d80840f91c0b9a33
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 9e4963a4f3a90cc6c00b333217fd416cfff3b28eded1baee521a7f27c27da9ad
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
aarch64
open-vm-tools-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 2119f1c7ad8777b4415c9e33ea29c20f323ec795c58c7e82a8bed23a20a91f45
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 5ce2cccf08f6ae4093f6c3a9670036e9e563c5c3fa9f3ea956c12e657ac7e562
open-vm-tools-debugsource-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 5e1e96236b49b507cb787144645b357e57f69e6501e5e80da826fa9166239333
open-vm-tools-desktop-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e405928d67a858bf1bc16f6344d478e70c957cf4698d2fcc958e6dc9dc9a4a8b
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e2819fde7b837f064079ae71a54131279df52b1535ea2eab78d107b54d5e329f
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: dfe3235a0d1bbf9dbf51a9551dfe3b373237cd65365117f9462affbdedf3e792
open-vm-tools-test-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e42958d2be5f64cd916ce6b53593961d23c049b834c1c017d80840f91c0b9a33
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 9e4963a4f3a90cc6c00b333217fd416cfff3b28eded1baee521a7f27c27da9ad
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
x86_64
open-vm-tools-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 6ccc8d017f4fecf61470d52e2666dc3c270ac794858ff2eb5a4615be98af75cd
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 80c7cdbce8f66a90ddf6d6acf0806b8ad9549969f30344c72f6638cf2a2e5db3
open-vm-tools-debugsource-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 510da0e09fa0bcd7464f5a78dcdd17c1c89d8457c1ed3ecbd5571c039e2170f5
open-vm-tools-desktop-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: e48504eb39df3b9c84557eb8586ca57c55e9526f0bda8745e8059901e9147082
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 5eb56d61e0193ca9d35abacdf0492fd21504eb1e997caea26ff7fdf74fe60d74
open-vm-tools-salt-minion-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: a3122e9cdca82d50485b9cfa76de0859d00efdc4be8f619eead100efe7744f5b
open-vm-tools-sdmp-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: ce1cbb3cde0538cc07ed9ef06949e35f4f41764a3b24fd650189e9ba5d0e5a99
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: d5888e0f3e96a127991f0f002984ae6a0d46ec21712d968a0a3afbc16cb58f47
open-vm-tools-test-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 0c1ad0f89ac54b541fa4351b076c3312558dfc1779fb859cdb03a3b52260d4d0
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.x86_64.rpm
SHA-256: 8b5b625bb39fd3d757161266855ec0ac13eb38116563b3d44f4ec57b209db9b6
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2
SRPM
open-vm-tools-12.1.5-1.el9_2.3.src.rpm
SHA-256: 6507ac575255a0fce19334dea53bba39fd5975299b2797c45681cf51fad9e680
aarch64
open-vm-tools-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 2119f1c7ad8777b4415c9e33ea29c20f323ec795c58c7e82a8bed23a20a91f45
open-vm-tools-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 5ce2cccf08f6ae4093f6c3a9670036e9e563c5c3fa9f3ea956c12e657ac7e562
open-vm-tools-debugsource-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 5e1e96236b49b507cb787144645b357e57f69e6501e5e80da826fa9166239333
open-vm-tools-desktop-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e405928d67a858bf1bc16f6344d478e70c957cf4698d2fcc958e6dc9dc9a4a8b
open-vm-tools-desktop-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e2819fde7b837f064079ae71a54131279df52b1535ea2eab78d107b54d5e329f
open-vm-tools-sdmp-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: dfe3235a0d1bbf9dbf51a9551dfe3b373237cd65365117f9462affbdedf3e792
open-vm-tools-test-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: e42958d2be5f64cd916ce6b53593961d23c049b834c1c017d80840f91c0b9a33
open-vm-tools-test-debuginfo-12.1.5-1.el9_2.3.aarch64.rpm
SHA-256: 9e4963a4f3a90cc6c00b333217fd416cfff3b28eded1baee521a7f27c27da9ad
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 267484.
Ubuntu Security Notice 6365-2 - USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.
An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20900: An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. This issue may allow a malicious actor with man-in-the-middle (MITM) network positioning between a vCenter server and the virtual machine to bypass SAML token signature verification to perform gues...
Red Hat Security Advisory 2023-5213-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-5216-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-5217-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
An update for open-vm-tools is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20900: An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. This issue may allow a malicious actor with man-in-the-middle (MITM) network positioning between a vCenter server and the virtual machine to bypass SAML token signature verification to perform gues...
An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20900: An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. This issue may allow a malicious actor with man-...
An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20900: An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. This issue may allow a malicious actor with man-in-the-middle (MITM) network positioning between a vCenter server and the virtual machine to bypass SAML token signature verification to pe...
Ubuntu Security Notice 6365-1 - It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.
Debian Linux Security Advisory 5943-1 - Two security issues have been discovered in the Open VMware Tools, which may result in a man-in-the-middle attack or authentication bypass.
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation. “A