Lucene search
K

23 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in open-vm-tools

VMware Tools contains a vulnerability related to bypassing the SAML token signature. A malicious actor who has been granted “Guest Operation Privileges” can potentially elevate their privileges if the target virtual machine has been assigned a more privileged “Guest Alias”. source-iocs-preserved...

7.5CVSS6.6AI score0.00667EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/14 6:24 a.m.4 views

SUSE CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

7.5CVSS6.4AI score0.00667EPSS
Exploits0References9
OSV
OSV
added 2023/11/28 10:43 p.m.28 views

RLSA-2023:7265 Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

7.5CVSS7.5AI score0.00667EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.30 views

Oracle Linux 9 : open-vm-tools (ELSA-2023-7277)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7277 advisory. - Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass. Tenable has extracted the preceding description block directly from the Orac...

7.5CVSS6.5AI score0.00667EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/15 11:19 p.m.5 views

open-vm-tools: SAML token signature bypass

A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...

7.5CVSS5.7AI score0.00667EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/15 9:50 p.m.37 views

Important: Red Hat Security Advisory: open-vm-tools security update

An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

7.5CVSS6.7AI score0.00667EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/15 9:25 p.m.5 views

open-vm-tools: SAML token signature bypass

A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...

7.5CVSS5.7AI score0.00667EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/15 9:25 p.m.31 views

Important: Red Hat Security Advisory: open-vm-tools security update

An update for open-vm-tools is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.7AI score0.00667EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/15 8:40 p.m.62 views

Important: Red Hat Security Advisory: open-vm-tools security update

An update for open-vm-tools is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.7AI score0.00667EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/15 8:38 p.m.4 views

open-vm-tools: SAML token signature bypass

A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...

7.5CVSS5.7AI score0.00667EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/15 8:35 p.m.4 views

open-vm-tools: SAML token signature bypass

A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...

7.5CVSS5.7AI score0.00667EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.23 views

RHEL 8 : open-vm-tools (RHSA-2023:7265)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7265 advisory. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualizati...

7.5CVSS6.7AI score0.00667EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/11/15 12:0 a.m.30 views

Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

7.5CVSS7AI score0.00667EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2023/10/31 7:0 a.m.7 views

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .

...

7.5CVSS7AI score0.00667EPSS
Exploits0
OSV
OSV
added 2023/10/27 9:27 a.m.4 views

SUSE-SU-2023:4230-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue bsc1216432. - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper bsc1216433...

7.5CVSS7.7AI score0.00667EPSS
Exploits0References5
OSV
OSV
added 2023/10/27 9:26 a.m.3 views

SUSE-SU-2023:4227-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue bsc1216432. - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper bsc1216433...

7.5CVSS7.7AI score0.00667EPSS
Exploits0References5
OSV
OSV
added 2023/10/27 5:15 a.m.2 views

DEBIAN-CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

7.5CVSS6.1AI score0.00667EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/27 4:53 a.m.10 views

CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

7.1CVSS7.1AI score0.00667EPSS
Exploits0References7
OSV
OSV
added 2023/10/26 12:0 a.m.6 views

UBUNTU-CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

7.5CVSS6.1AI score0.00667EPSS
Exploits0References5
Amazon
Amazon
added 2023/09/20 12:0 a.m.6 views

Important: open-vm-tools

Issue Overview: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle MITM network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations...

7.5CVSS7.4AI score0.01193EPSS
Exploits0
Rows per page
Query Builder