VMSA-2023-0026

vmware logo header

Critical


VMSA-2023-0026

9.8

2023-11-14

2023-11-14 (Initial Advisory)

CVE-2023-34060

VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).

1. Impacted Products



  • VMware Cloud Director Appliance (VCD Appliance)

2. Introduction



An authentication bypass vulnerability in VMware Cloud Director Appliance was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware product.

3. Authentication Bypass Vulnerability (CVE-2023-34060)

Description



VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from
an older version. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Known Attack Vectors



On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login
restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console). This bypass is not present on port 443 (VCD provider
and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.

Resolution



To remediate CVE-2023-34060 follow the guidance mentioned in KB95534 in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.  

Workarounds



None.

Additional Documentation



None.

Notes



Only deployments that have upgraded to 10.5 from an older release are impacted by CVE-2023-34060. New deployments of 10.5 are not impacted by CVE-2023-34060. 

VMware Cloud Director Appliance is impacted since it uses a version of sssd from the underlying Photon OS that is affected by CVE-2023-34060: https://github.com/vmware/photon/wiki/security-advisory-CVE-2023-34060

VMware has determined other appliances to not be impacted by this vulnerability. 

Acknowledgements



VMware would like to thank Dustin Hartle from Ideal Integrations Inc for reporting this issue to us.

Response Matrix

ProductVersionRunning OnCVE IdentifierCVSSv3SeverityFixed VersionWorkaroundsAdditional Documentation
VMware Cloud Director Appliance
10.5 if upgraded from 10.4.x or below.
Photon OS
CVE-2023-34060
critical

N/A
None
VMware Cloud Director Appliance
10.5 new install
Photon OS
CVE-2023-34060
N/A
N/A

Unaffected
N/A
None
VMware Cloud Director Appliance
10.4.x and Below
Photon OS
CVE-2023-34060
N/A
N/A

Unaffected
N/A
None

4. References

5. Change Log



2023-11-14 VMSA-2023-0026
Initial security advisory.

6. Contact



E-mail: security@vmware.com

PGP key at: 
https://kb.vmware.com/kb/1055 

VMware Security Advisories
https://www.vmware.com/security/advisories 

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html 

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html 

VMware Security & Compliance Blog  
https://blogs.vmware.com/security 

Twitter
https://twitter.com/VMwareSRC

Copyright 2023 VMware Inc. All rights reserved.

Read full article (vmware.com)

All content and images belong to their respected owners, this article is curated for informational purposes only.

Total
0
Shares
Leave a Reply
Previous Post
citrix logo header

No ICA RTT data in DB’s Monitoring.SessionMetrics table

Next Post
citrix logo header

Citrix  Director Trends>Network Page Shows “Refused to connect” After Intergration With ADM

Related Posts