oss-sec mailing list archives
[Security Advisory] open-vm-tools: SAML token signature bypass vulnerability (CVE-2023-20900)
From: VMware Security Response Center <security () vmware com>
Date: Thu, 31 Aug 2023 09:26:26 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Please see the security advisory here: https://www.vmware.com/security/advisories/VMSA-2023-0019.html Description ============================================================== CVE-2023-20900: VMware Tools contains a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3.1 base score of 7.5 - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Known Attack Vectors ============================================================== A malicious actor with man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations. Upstream fix for CVE-2023-20900 ============================================================== https://github.com/vmware/open-vm-tools/blob/CVE-2023-20900.patch/CVE-2023-20900.patch -----BEGIN PGP SIGNATURE----- iHUEAREIAB0WIQQ950nPZL1VtgrpULuSf/JD335VcQUCZPBa5gAKCRCSf/JD335V cZZTAP9QYJDWCzECKYakbqu4fui7CditlHnew0qs0KjG9qfC3QEA7wLPBfudDBkj ivy2KsHabG03funx8dWl/x77TfFbUlI= =sAT7 -----END PGP SIGNATURE-----
Current thread:
- [Security Advisory] open-vm-tools: SAML token signature bypass vulnerability (CVE-2023-20900) VMware Security Response Center (Aug 31)