Lucene search
AlmaLinuxALSA-2023:5313HistorySep 20, 2023 - 12:00 a.m.
Important: open-vm-tools security update
2023-09-2000:00:00
errata.almalinux.org
24
open virtual machine tools
security update
saml token signature
cve-2023-20900
virtualization components
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
44.9%
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.
Security Fix(es):
- open-vm-tools: SAML token signature bypass (CVE-2023-20900)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 9 | aarch64 | open-vm-tools-desktop | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-desktop-12.1.5-1.el9_2.3.alma.1.aarch64.rpm |
| almalinux | 9 | aarch64 | open-vm-tools-test | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-test-12.1.5-1.el9_2.3.alma.1.aarch64.rpm |
| almalinux | 9 | aarch64 | open-vm-tools | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-12.1.5-1.el9_2.3.alma.1.aarch64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-desktop | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-desktop-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-test | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-test-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-sdmp | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-sdmp-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
| almalinux | 9 | x86_64 | open-vm-tools-salt-minion | < 12.1.5-1.el9_2.3.alma.1 | open-vm-tools-salt-minion-12.1.5-1.el9_2.3.alma.1.x86_64.rpm |
Related
redhat
redhat
(RHSA-2023:5312) Important: open-vm-tools security update
2023-09-20 13:24:49
(RHSA-2023:5217) Important: open-vm-tools security update
2023-09-19 07:10:17
(RHSA-2023:5218) Important: open-vm-tools security update
2023-09-19 07:10:20
osv
osv
open-vm-tools vulnerability
2023-09-25 10:55:21
Important: open-vm-tools security update
2023-09-20 00:00:00
open-vm-tools vulnerability
2023-09-13 14:54:49
nessus
nessus
RHEL 9 : open-vm-tools (RHSA-2023:5313)
2023-09-20 00:00:00
RHEL 7 : open-vm-tools (RHSA-2023:5217)
2023-09-19 00:00:00
Amazon Linux 2 : open-vm-tools (ALAS-2023-2250)
2023-09-20 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:3507-1)
2023-09-01 00:00:00
Ubuntu: Security Advisory (USN-6365-2)
2023-09-26 00:00:00
Debian: Security Advisory (DLA-3597-1)
2023-10-02 00:00:00
ubuntu
ubuntu
Open VM Tools vulnerability
2023-09-13 00:00:00
Open VM Tools vulnerability
2023-09-25 00:00:00
rocky
rocky
open-vm-tools security update
2023-09-26 13:25:26
open-vm-tools security update
2023-09-26 13:26:44
oraclelinux
oraclelinux
open-vm-tools security update
2023-09-22 00:00:00
open-vm-tools security update
2023-09-21 00:00:00
open-vm-tools security update
2023-09-19 00:00:00
amazon
amazon
Important: open-vm-tools
2023-09-13 23:44:00
alpinelinux
alpinelinux
CVE-2023-20900
2023-08-31 10:15:08
vmware
vmware
debiancve
debiancve
CVE-2023-20900
2023-08-31 10:15:08
redos
redos
ROS-20230914-07
2023-09-14 00:00:00
redhatcve
redhatcve
CVE-2023-20900
2023-09-01 19:42:11
debian
debian
[SECURITY] [DLA 3597-1] open-vm-tools security update
2023-10-01 19:10:50
[SECURITY] [DSA 5493-1] open-vm-tools security update
2023-09-10 17:57:53
prion
prion
Design/Logic Flaw
2023-08-31 10:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2242
2023-10-10 09:32:53
ubuntucve
ubuntucve
CVE-2023-20900
2023-08-31 00:00:00
almalinux
almalinux
Important: open-vm-tools security update
2023-09-20 00:00:00
nvd
nvd
CVE-2023-20900
2023-08-31 10:15:08
veracode
veracode
Man-in-the-Middle (MitM)
2023-09-05 04:39:45
cvelist
cvelist
CVE-2023-20900
2023-08-31 09:45:43
cve
cve
CVE-2023-20900
2023-08-31 10:15:08
fedora
fedora
[SECURITY] Fedora 39 Update: open-vm-tools-12.3.0-1.fc39
2023-09-15 19:09:34
[SECURITY] Fedora 37 Update: open-vm-tools-12.3.0-1.fc37
2023-09-20 01:06:52
[SECURITY] Fedora 38 Update: open-vm-tools-12.3.0-1.fc38
2023-09-14 01:29:19
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0085
2023-08-31 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0463
2023-09-01 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0642
2023-09-01 00:00:00
thn
thn
ibm
ibm
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
44.9%
Related for ALSA-2023:5313