23 matches found
Astra Linux – Vulnerability in open-vm-tools
VMware Tools contains a vulnerability related to bypassing the SAML token signature. A malicious actor who has been granted “Guest Operation Privileges” can potentially elevate their privileges if the target virtual machine has been assigned a more privileged “Guest Alias”. source-iocs-preserved...
SUSE CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
RLSA-2023:7265 Important: open-vm-tools security update
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...
Oracle Linux 9 : open-vm-tools (ELSA-2023-7277)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7277 advisory. - Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass. Tenable has extracted the preceding description block directly from the Orac...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
Important: Red Hat Security Advisory: open-vm-tools security update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
Important: Red Hat Security Advisory: open-vm-tools security update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: open-vm-tools security update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
RHEL 8 : open-vm-tools (RHSA-2023:7265)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7265 advisory. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualizati...
Important: open-vm-tools security update
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
...
SUSE-SU-2023:4230-1 Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue bsc1216432. - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper bsc1216433...
SUSE-SU-2023:4227-1 Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue bsc1216432. - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper bsc1216433...
DEBIAN-CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
UBUNTU-CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
Important: open-vm-tools
Issue Overview: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle MITM network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations...