Hand-Picked Top-Read Stories

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549

27 views

Citrix Provisioning Server – Console User Domain Authentication Failure

30 views

XenApp/ XenDesktop- Limit application to one instance per user is not working

35 views

Trending Tags

VMware Virtualisation

248 views

2 minute read

VMSA-2023-0019

1 September 2023

Important

Advisory ID:
VMSA-2023-0019

CVSSv3 Range:
7.5

Issue Date:
2023-08-31

Updated On:
2023-08-31 (Initial Advisory)

CVE(s):
CVE-2023-20900

Synopsis:
VMware Tools updates address a SAML Token Signature Bypass Vulnerability (CVE-2023-20900)

1. Impacted Products

VMware Tools

2. Introduction

A SAML token signature bypass vulnerability in VMware Tools was responsibly reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.

3. SAML Token Signature Bypass vulnerability (CVE-2023-20900)

Description

VMware Tools contains a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.

Known Attack Vectors

A malicious actor with man-in-the-middle (MITM) network positioning in the virtual machine network may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations.

Resolution

To remediate CVE-2023-20900 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

Workarounds

None.

Additional Documentation

None.

Notes

[1] VMware Tools 10.3.26 only applies to the older Linux releases.
[2] A version of open-vm-tools that addresses CVE-2023-20900 will be distributed by Linux vendors.
[3] Fixed versions may differ based on the Linux distribution version and the distribution vendor.

Acknowledgements

VMware would like to thank Peter Stöckli of GitHub Security Lab for reporting this issue to us.

Response Matrix

Product	Version	Running On	CVE Identifier	CVSSv3	Severity	Fixed Version	Workarounds	Additional Documentation
VMware Tools	12.x.x, 11.x.x, 10.3.x	Windows	CVE-2023-20900	7.5	important	12.3.0	None	None
VMware Tools	10.3.x	Linux	CVE-2023-20900	7.5	important	[1] 10.3.26	None	None
[2] VMware Tools (open-vm-tools)	12.x.x, 11.x.x, 10.3.x	Linux	CVE-2023-20900	7.5	important	[3] 12.3.0	None	None

4. References

Fixed Version(s) and Release Notes:

VMware Tools for Windows 12.3.0
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS1230&productId=1259
https://docs.vmware.com/en/VMware-Tools/12.3/rn/vmware-tools-1230-release-notes/index.html

VMware Tools for Linux 10.3.26
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS10326&productId=742
https://docs.vmware.com/en/VMware-Tools/10.3/rn/vmware-tools-10326-release-notes/index.html

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20900

FIRST CVSSv3 Calculator:
CVE-2023-20900: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

5. Change Log

2023-08-31 VMSA-2023-0019
Initial security advisory.

6. Contact

E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055

VMware Security Advisories
https://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2023 VMware Inc. All rights reserved.

Read full article (vmware.com)

All content and images belong to their respected owners, this article is curated for informational purposes only.

Leave a Reply Cancel reply

You must be logged in to post a comment.

Previous Post

Citrix

How to get ShareFile for Outlook – Mac

31 August 2023

Next Post

Citrix

Citrix PDF Printer does not open full screen with Edge as default PDF viewer

1 September 2023