Lucene search

K
ibmIBMA00997B30D3A4F416E6337825EC9EA489ED6395F9B6CE6E08B766038169DED38
HistoryJul 11, 2024 - 3:42 p.m.

Security Bulletin: IBM DataPower Gateway Virtual Edition vulnerable to security bypass due to use of open-vm-tools (CVE-2023-20900)

2024-07-1115:42:41
www.ibm.com
6
ibm datapower gateway
open-vm-tools
security bypass
vulnerability
hypervisor
saml token
vmware tools
guest operations
fix
apar
ibm recommendation

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

High

EPSS

0.001

Percentile

34.9%

Summary

open-vm-tools provides an interface between IBM DataPower Gateway Virtual Edition and the hypervisor. This issue may permit hypervisor users to perform unauthorized guest operations.

Vulnerability Details

**CVEID:**CVE-2023-20900 DESCRIPTION: VMware Tools could allow a remote attacker to bypass security restrictions, caused by improper SAML token signature verification. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to perform VMware Tools Guest Operations
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264792 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM DataPower Gateway 10.5 CD 10.5.1.0 - 10.5.4.0
IBM DataPower Gateway 10.5.0 10.5.0.0 - 10.5.0.11

Remediation/Fixes

Affected Products Fixed in version APAR
IBM DataPower Gateway 10.5 CD 10.6.0.0 IT46502
IBM DayaPower Gateway 10.5.0 10.5.0.12 IT46502

IBM strongly recommends addressing the vulnerability now

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmdatapower_gatewayMatch10.5.0
OR
ibmdatapower_gatewayMatch10.5
VendorProductVersionCPE
ibmdatapower_gateway10.5.0cpe:2.3:a:ibm:datapower_gateway:10.5.0:*:*:*:*:*:*:*
ibmdatapower_gateway10.5cpe:2.3:a:ibm:datapower_gateway:10.5:*:*:*:*:*:*:*

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7

Confidence

High

EPSS

0.001

Percentile

34.9%