VMware Releases Critical Security Update for VMware Cloud Director Appliance

Security update addresses an authentication bypass vulnerability in the VMware Cloud Director Appliance platform

Threat ID:: CC-4409
Threat Severity:: Medium
Published:: 15 November 2023 2:21 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security update addresses an authentication bypass vulnerability in the VMware Cloud Director Appliance platform

Affected platforms

The following platforms are known to be affected:

Versions: 10.5 if upgraded from 10.4.x or below.

VMware Cloud Director

Threat details

Introduction

VMware has released a security update to address a vulnerability in VMware Cloud Director Appliance. CVE-2023-34060, which has been assigned a CVSSv3 score of 9.8, is an authentication bypass vulnerability that could allow a malicious attacker with network access to bypass SSH or appliance management console authentication and take control of an affected system.

This vulnerability only affects version 10.5 of VMware Cloud Director Appliance if it has been updated from a previous version. Fresh installations of version 10.5 are unaffected by CVE-2023-34060.

Remediation advice

Affected organisations are encouraged to review the VMware Security Advisory VMSA-2023-0026 and apply the relevant workarounds.

Definitive source of threat updates

CVE Vulnerabilities

Status Published

CVE-2023-34060

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.

Last edited: 15 November 2023 4:01 pm