Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Posts
Filter by Categories







[CVSS 9+] Critical VMware Vulnerability in Cloud Director

VMware Critical Authentication Bypass Vulnerability

VMware disclosed a critical and unpatched authentication bypass vulnerability, tracked as CVE-2023-34060, affecting Cloud Director appliance deployments.

Cloud Director enables VMware admins to manage their organisations’ cloud services as part of Virtual Data Centers (VDC).

The authentication bypass security flaw, with an initial CVSS score of 9.8, only affects appliances running VCD Appliance 10.5 that were previously upgraded from an older release. The company also added that CVE-2023-34060 does not impact fresh VCD Appliance 10.5 installs, Linux deployments, and other appliances.

Unauthenticated attackers can remotely exploit the bug in low-complexity attacks that don’t require user interaction.

On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console),

This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present.

VMware explains.
No Patch, Workaround Available

While VMware does not have a patch for this critical authentication bypass, the company has provided administrators with a temporary workaround until security updates are available.

VMware has released a security advisory VMSA-2023-0026 to help customers understand the issue, along with a link to the knowledgebase article explaining the workaround.

According to VMware, implementing the workaround does not cause any functional disruptions, and there is no need for a service restart or a reboot, ensuring minimal downtime.

Recent VMware Security Updates

In June, VMware fixed an ESXi zero-day vulnerability that was exploited by Chinese state hackers for data theft. You can find more information about the fix here.

Over the past few months, the company has released multiple patches to address various issues in Aria Operations. You can find the most recent patch here.

Furthermore, VMware recently released a critical patch for vCenter Server to address several vulnerabilities. For more details about this recent fix, please refer to our news article.

We recommend organisations to stay informed about the security advisories for VMware and promptly apply patches or implement workarounds.

RECENT BLOG POSTS

PODCASTS

Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.