Lucene search

K
cvelistVmwareCVELIST:CVE-2023-34056
HistoryOct 25, 2023 - 4:24 a.m.

CVE-2023-34056 VMware vCenter Server Partial Information Disclosure Vulnerability

2023-10-2504:24:47
vmware
www.cve.org
5
cve-2023-34056
vmware
vcenter server
information disclosure

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

0

Percentile

9.8%

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "VMware vCenter Server",
    "vendor": "VMware",
    "versions": [
      {
        "lessThan": "8.0U2",
        "status": "affected",
        "version": "8.0",
        "versionType": "8.0U2"
      },
      {
        "lessThan": "7.0U3o",
        "status": "affected",
        "version": "7.0",
        "versionType": "7.0U3o"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "VMware Cloud Foundation (VMware vCenter Server)",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "5.x"
      },
      {
        "status": "affected",
        "version": "4.x"
      }
    ]
  }
]

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

0

Percentile

9.8%