VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks

Trending 3 months ago


VMware has fixed a analytical affidavit bypass vulnerability in Cloud Director apparatus deployments, a bug that was larboard unpatched for over two weeks back it was appear on November 14th.

Cloud Director is a VMware belvedere that enables admins to administer abstracts centers advance above assorted locations as Virtual Data Centers (VDC).

The auth bypass aegis blemish (CVE-2023-34060) alone impacts accessories active VCD Appliance 10.5 that were ahead upgraded from an earlier release. However, VMware says it doesn't affect beginning VCD Appliance 10.5 installs, Linux deployments, and added appliances.

Remote attackers can accidentally accomplishment the CVE-2023-34060 bug in low-complexity attacks that don't crave user interaction.

"On an upgraded adaptation of VMware Cloud Director Appliance 10.5, a awful abecedarian with arrangement acceptance to the apparatus can bypass login restrictions back acceptance on anchorage 22 (ssh) or anchorage 5480 (appliance administration console)," VMware explains.

"This bypass is not present on anchorage 443 (VCD provider and addressee login). On a new accession of VMware Cloud Director Appliance 10.5, the bypass is not present."

Workaround additionally available

The aggregation additionally provides a acting workaround for admins who cannot anon install the aegis patch.

"VMware appear VMware Security Advisory VMSA-2023-0026 to advice barter accept the affair and which advancement aisle will fix it," VMware says in a abstracted advisory.

The workaround aggregate by VMware alone works for afflicted versions of VCD Appliance 10.5.0, and it requires downloading a custom script and active it on beef accessible to CVE-2023-34060 attacks.

This workaround does not account any anatomic disruptions, according to VMware, and blow is additionally not a affair back neither a account restart nor a reboot is necessary.

In June, VMware patched an ESXi zero-day (CVE-2023-20867) exploited by Chinese cyberspies for abstracts annexation and alerted customers to an actively abused analytical blemish in the Aria Operations for Networks analytics tool.

More recently, in October, it additionally anchored a critical vCenter Server flaw (CVE-2023-34048) that can be acclimated for alien cipher beheading attacks.