Lucene search
AlmaLinuxALSA-2023:5313HistorySep 20, 2023 - 12:00 a.m.
Important: open-vm-tools security update
2023-09-2000:00:00
errata.almalinux.org
25
open virtual machine tools
security update
saml token signature
cve-2023-20900
virtualization components
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
45.0%
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.
Security Fix(es):
- open-vm-tools: SAML token signature bypass (CVE-2023-20900)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 9 | aarch64 | open-vm-tools-desktop | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-desktop-12.1.5-1.el9_2.3.alma.1.aarch64.rpm |
| almalinux | 9 | aarch64 | open-vm-tools-test | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-test-12.1.5-1.el9_2.3.alma.1.aarch64.rpm |
| almalinux | 9 | aarch64 | open-vm-tools | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-12.1.5-1.el9_2.3.alma.1.aarch64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-desktop | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-desktop-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-test | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-test-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-sdmp | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-sdmp-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-salt-minion | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-salt-minion-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
Related
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : open-vm-tools (SUSE-SU-2023:3507-1)
2023-09-01 00:00:00
Oracle Linux 7 : open-vm-tools (ELSA-2023-5217)
2023-09-19 00:00:00
redhat
redhat
(RHSA-2023:5210) Important: open-vm-tools security update
2023-09-19 07:06:14
(RHSA-2023:5218) Important: open-vm-tools security update
2023-09-19 07:10:20
(RHSA-2023:5312) Important: open-vm-tools security update
2023-09-20 13:24:49
redos
redos
ROS-20230914-07
2023-09-14 00:00:00
debian
debian
[SECURITY] [DLA 3597-1] open-vm-tools security update
2023-10-01 19:10:50
[SECURITY] [DSA 5493-1] open-vm-tools security update
2023-09-10 17:57:53
redhatcve
redhatcve
CVE-2023-20900
2023-09-01 19:42:11
oraclelinux
oraclelinux
open-vm-tools security update
2023-09-21 00:00:00
open-vm-tools security update
2023-09-22 00:00:00
open-vm-tools security update
2023-09-19 00:00:00
rocky
rocky
open-vm-tools security update
2023-09-26 13:26:44
open-vm-tools security update
2023-09-26 13:25:26
debiancve
debiancve
CVE-2023-20900
2023-08-31 10:15:08
osv
osv
Important: open-vm-tools security update
2023-09-26 13:26:44
Important: open-vm-tools security update
2023-09-26 13:25:26
CVE-2023-20900
2023-08-31 10:15:08
openvas
openvas
openSUSE: Security Advisory for exempi (SUSE-SU-2023:3835-1)
2024-03-04 00:00:00
Debian: Security Advisory (DLA-3597-1)
2023-10-02 00:00:00
Ubuntu: Security Advisory (USN-6365-2)
2023-09-26 00:00:00
amazon
amazon
Important: open-vm-tools
2023-09-13 23:44:00
alpinelinux
alpinelinux
CVE-2023-20900
2023-08-31 10:15:08
vmware
vmware
ubuntu
ubuntu
Open VM Tools vulnerability
2023-09-13 00:00:00
Open VM Tools vulnerability
2023-09-25 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2023-09-05 04:39:45
almalinux
almalinux
Important: open-vm-tools security update
2023-09-20 00:00:00
cve
cve
CVE-2023-20900
2023-08-31 10:15:08
rosalinux
rosalinux
Advisory ROSA-SA-2023-2242
2023-10-10 09:32:53
cvelist
cvelist
CVE-2023-20900
2023-08-31 09:45:43
nvd
nvd
CVE-2023-20900
2023-08-31 10:15:08
ubuntucve
ubuntucve
CVE-2023-20900
2023-08-31 00:00:00
prion
prion
Design/Logic Flaw
2023-08-31 10:15:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0085
2023-08-31 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0463
2023-09-01 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0642
2023-09-01 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: open-vm-tools-12.3.0-1.fc39
2023-09-15 19:09:34
[SECURITY] Fedora 38 Update: open-vm-tools-12.3.0-1.fc38
2023-09-14 01:29:19
[SECURITY] Fedora 37 Update: open-vm-tools-12.3.0-1.fc37
2023-09-20 01:06:52
thn
thn
ibm
ibm
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
45.0%
Related for ALSA-2023:5313