Lucene search

IBMA00997B30D3A4F416E6337825EC9EA489ED6395F9B6CE6E08B766038169DED38

HistoryJul 11, 2024 - 3:42 p.m.

Security Bulletin: IBM DataPower Gateway Virtual Edition vulnerable to security bypass due to use of open-vm-tools (CVE-2023-20900)

2024-07-1115:42:41

www.ibm.com

ibm datapower gateway

open-vm-tools

security bypass

vulnerability

hypervisor

saml token

vmware tools

guest operations

fix

apar

ibm recommendation

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

Low

JSON

Summary

open-vm-tools provides an interface between IBM DataPower Gateway Virtual Edition and the hypervisor. This issue may permit hypervisor users to perform unauthorized guest operations.

Vulnerability Details

CVEID:CVE-2023-20900
**DESCRIPTION:**VMware Tools could allow a remote attacker to bypass security restrictions, caused by improper SAML token signature verification. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to perform VMware Tools Guest Operations
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264792 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM DataPower Gateway 10.5 CD	10.5.1.0 - 10.5.4.0
IBM DataPower Gateway 10.5.0	10.5.0.0 - 10.5.0.11

Remediation/Fixes

Affected Products	Fixed in version	APAR
IBM DataPower Gateway 10.5 CD	10.6.0.0	IT46502
IBM DayaPower Gateway 10.5.0	10.5.0.12	IT46502

IBM strongly recommends addressing the vulnerability now

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmdatapower_gatewayMatch10.5.0

ibmdatapower_gatewayMatch10.5

VendorProductVersionCPE
ibmdatapower_gateway10.5.0cpe:2.3:a:ibm:datapower_gateway:10.5.0:*:*:*:*:*:*:*
ibmdatapower_gateway10.5cpe:2.3:a:ibm:datapower_gateway:10.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	datapower_gateway	10.5.0	cpe:2.3:a:ibm:datapower_gateway:10.5.0:::::::*
ibm	datapower_gateway	10.5	cpe:2.3:a:ibm:datapower_gateway:10.5:::::::*