Man-in-the-Middle (MitM)

🗓️ 05 Sep 2023 04:39:45Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 37 Views

VMware Tools MitM vulnerability in open-vm-tools

Reporter	Title	Published	Views	Family All 156
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	16 Nov 202318:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway Virtual Edition vulnerable to security bypass due to use of open-vm-tools (CVE-2023-20900)	11 Jul 202415:42	–	ibm
Tenable Nessus	Amazon Linux 2023 : open-vm-tools, open-vm-tools-desktop, open-vm-tools-devel (ALAS2023-2023-350)	20 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : open-vm-tools (ALAS-2023-2250)	20 Sep 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0116: open-vm-tools (ALINUX3-SA-2023:0116)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : open-vm-tools (ALSA-2023:5312)	22 Sep 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : open-vm-tools (ALSA-2023:5313)	22 Sep 202300:00	–	nessus
Tenable Nessus	CentOS 9 : open-vm-tools-12.2.5-2.el9	29 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 7 : open-vm-tools (RHSA-2023:5217)	22 Dec 202300:00	–	nessus
Tenable Nessus	Debian dla-3597 : open-vm-tools - security update	2 Oct 202300:00	–	nessus

Vulners

Node

vmware open-vm-toolsMatch12.2.5-r0os

AND

vmware open-vm-toolsMatch12.2.0-r0os

AND

alpinelinux alpine_linuxMatch3.18

vmware open-vm-toolsMatch12.2.5-r0os

AND

vmware open-vm-toolsMatch11.1.0-r3os

AND

vmware open-vm-toolsMatch12.2.0-r0os

AND

vmware open-vm-toolsMatch11.0.5-r0os

AND

vmware open-vm-toolsMatch11.2.0-r0os

AND

vmware open-vm-toolsMatch11.0.5-r2os

AND

vmware open-vm-toolsMatch11.0.5-r3os

AND

vmware open-vm-toolsMatch11.3.5-r0os

AND

vmware open-vm-toolsMatch12.2.5-r1os

AND

vmware open-vm-toolsMatch12.0.5-r1os

AND

vmware open-vm-toolsMatch12.1.5-r1os

AND

vmware open-vm-toolsMatch11.2.5-r1os

AND

vmware open-vm-toolsMatch11.2.5-r0os

AND

vmware open-vm-toolsMatch12.0.5-r0os

AND

vmware open-vm-toolsMatch12.0.0-r0os

AND

vmware open-vm-toolsMatch12.1.5-r0os

AND

vmware open-vm-toolsMatch12.1.0-r0os

AND

vmware open-vm-toolsMatch12.2.0-r1os

AND

alpinelinux alpine_linuxMatchedge

vmware open-vm-toolsMatch2:11.2.5-2debian

AND

vmware open-vm-toolsMatch2:11.2.0-1debian

AND

debian debian_linuxMatch999

vmware open-vm-toolsMatch2:10.3.10-1+deb10u2debian

AND

debian debian_linuxMatch10

vmware open-vm-toolsMatch2:11.2.0-1debian

AND

debian debian_linuxMatch11

vmware open-vm-toolsMatch11.0.0_4.el8

vmware open-vm-toolsMatch10.1.10_3.el7_5.1

vmware open-vm-toolsMatch10.3.10_2.el8

vmware open-vm-toolsMatch11.1.0_2.el8

vmware open-vm-toolsMatch10.3.0_2.el7

vmware open-vm-toolsMatch10.3.10_2.el7

vmware open-vm-toolsMatch10.3.10_3.el8_1.1

vmware open-vm-toolsMatch10.3.10_2.el7_8.1

vmware open-vm-toolsMatch10.2.5_3.el7

vmware open-vm-toolsMatch11.2.0_2.el8

vmware open-vm-toolsMatch10.3.10_3.el8

vmware open-vm-toolsMatch10.3.0_2.el8

vmware open-vm-toolsMatch10.3.0_2.el7_7.1

Source	Link
secdb	www.secdb.alpinelinux.org/edge/community.yaml
secdb	www.secdb.alpinelinux.org/v3.18/community.yaml
lists	www.lists.debian.org/debian-lts-announce/2023/10/msg00000.html
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/NVKQ6Y2JFJRWPFOZUOTFO3H27BK5GGOG/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/TJNJMD67QIT6LXLKWSHFM47DCLRSMT6W/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/ZJM6HDRQYS74JA7YNKQBFH2XSZ52HEWH/
security	www.security.netapp.com/advisory/ntap-20231013-0002/
debian	www.debian.org/security/2023/dsa-5493
vmware	www.vmware.com/security/advisories/VMSA-2023-0019.html
openwall	www.openwall.com/lists/oss-security/2023/08/31/1

12 Jan 2024 21:28Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.17.1 - 7.5

EPSS0.00807