VMwareVMSA-2023-0026.1VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).
3. Authentication Bypass Vulnerability (CVE-2023-34060)
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
References
customerconnect.vmware.com/en/downloads/info/slug/datacenter_cloud_infrastructure/vmware_cloud_director/10_5
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34060
docs.vmware.com/en/VMware-Cloud-Director/10.5.1/rn/vmware-cloud-director-1051-release-notes/index.html
github.com/vmware/photon/wiki/security-advisory-CVE-2023-34060
kb.vmware.com/s/article/95534
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Related
