Lucene search

K
thnThe Hacker NewsTHN:17D0D209B56B4709BECDD8021277421F
HistoryNov 15, 2023 - 4:18 a.m.

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability

2023-11-1504:18:00
The Hacker News
thehackernews.com
54
vmware
cloud director
vulnerability
security flaw
unpatched
cve-2023-34060
cvss score 9.8
authentication
bypass
workaround

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.6%

Cloud Director Vulnerability

VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections.

Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version.

“On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console),” the company said in an alert.

“This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.”

The virtualization services company further noted that the impact is due to the fact that it utilizes a version of sssd from the underlying Photon OS that is affected by CVE-2023-34060.

Cybersecurity

Dustin Hartle from IT solutions provider Ideal Integrations has been credited with discovering and reporting the shortcomings.

While VMware has yet to release a fix for the problem, it has provided a workaround in the form of a shell script (“WA_CVE-2023-34060.sh”).

It also emphasized implementing the temporary mitigation will neither require downtime nor have a side-effect on the functionality of Cloud Director installations.

The development comes weeks after VMware released patches for another critical flaw in the vCenter Server (CVE-2023-34048, CVSS score: 9.8) that could result in remote code execution on affected systems.

Update

VMware, on November 30, 2023, released security fixes to address CVE-2023-34060. The updates are available in version VMware Cloud Director Appliance 10.5.1.

“Only deployments that have upgraded to 10.5 from an older release are impacted by CVE-2023-34060,” the company emphasized in an updated advisory. “New deployments of 10.5 are not impacted by CVE-2023-34060.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.6%