Lucene search

IBM11300B65B92638E31A5C4AC8032083841C3383BB7D929CB0F8D9D2227851DF27

HistoryJul 29, 2024 - 9:28 p.m.

Security Bulletin: IBM DataPower Gateway Virtual Edition vulnerable to security bypass due to open-vm-tools (CVE-2023-20867)

2024-07-2921:28:06

www.ibm.com

ibm datapower gateway

virtual edition

security bypass

open-vm-tools

cve-2023-20867

vulnerability

hypervisor

vmware tools

authentication

esxi host

ibm

version 10.5.0

version 10.5cd

apar

it46602

CVSS3

3.9

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

70.3%

JSON

Summary

open-vm-tools provides an interface between IBM DataPower Gateway Virtual Edition and the hypervisor. This issue may permit a compromised hypervisor to perform unauthorized guest operations.

Vulnerability Details

CVEID:CVE-2023-20867
**DESCRIPTION:**VMware Tools could allow a local authenticated attacker to bypass security restrictions, caused by the failure to authenticate host-to-guest operations in the vgauth module. An attacker could exploit this vulnerability using a fully compromised ESXi host to bypass authentication and obtain access to the guest virtual machine.
CVSS Base score: 3.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/257845 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM DataPower Gateway 10.5 CD	10.5…1 - 10.5.4
IBM DataPower Gateway 10.5.0	10.5.0.0-10.5.0.11

Remediation/Fixes

Affected Product	Fixed in Version	APAR
IBM DataPower Gateway 10.5CD	10.6.0.0	IT46602
IBM DataPower Gateway 10.5.0	10.5.0.12	IT46602

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmwebsphere_datapower_service_gateway_xg45_virtual_editionMatch10.5.0

ibmwebsphere_datapower_service_gateway_xg45_virtual_editionMatch10.5

VendorProductVersionCPE
ibmwebsphere_datapower_service_gateway_xg45_virtual_edition10.5.0cpe:2.3:h:ibm:websphere_datapower_service_gateway_xg45_virtual_edition:10.5.0:*:*:*:*:*:*:*
ibmwebsphere_datapower_service_gateway_xg45_virtual_edition10.5cpe:2.3:h:ibm:websphere_datapower_service_gateway_xg45_virtual_edition:10.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_datapower_service_gateway_xg45_virtual_edition	10.5.0	cpe:2.3:h:ibm:websphere_datapower_service_gateway_xg45_virtual_edition:10.5.0:::::::*
ibm	websphere_datapower_service_gateway_xg45_virtual_edition	10.5	cpe:2.3:h:ibm:websphere_datapower_service_gateway_xg45_virtual_edition:10.5:::::::*