
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments.


Cloud Director is the tool VMware administrators use to manage their organizations' cloud services as Virtual Data Centers (VDCs).

The authentication bypass affects only VCD Appliance 10.5 deployments that were upgraded from an older release. VMware adds that the vulnerability, tracked as CVE-2023-34060, does not affect fresh installations of VCD Appliance 10.5, Linux deployments, or other VMware appliances.

Unauthenticated attackers can exploit the vulnerability remotely in low-complexity attacks that require no user interaction. VMware explains: 'On an upgraded VMware Cloud Director Appliance 10.5 version, a malicious actor with network access can bypass login restrictions when authenticating on port 22 (SSH) or port 5480 (appliance management console). This bypass is not on port 443 (VCD provider and tenant login).'

VMware does not yet have a patch for this critical authentication bypass, but it has provided admins with a temporary workaround to apply until security updates are released.

VMware published Security Advisory VMSA-2023-0026, which describes the issue and the upgrade path that will rectify it.

The workaround applies only to the affected VCD Appliance 10.5.0 versions and involves downloading a custom script attached to a knowledge base article and running it on every cell vulnerable to CVE-2023-34060. VMware states that the workaround causes no functional disruption and requires neither a service restart nor a reboot, so applying it involves no downtime. It remains an interim measure: the advisory's upgrade path is still the permanent fix.

VMware has addressed several other security issues this year. In June it fixed an ESXi zero-day exploited by Chinese state hackers for data theft, and warned customers about an actively exploited critical bug in the Aria Operations for Networks analytics tool. More recently, in October, it patched a critical vCenter Server flaw (CVE-2023-34048) that could be exploited for remote code execution.
