VMware discloses critical VCD Appliance auth bypass with no patch

A significant, unpatched authentication bypass issue impacting Cloud Director appliance deployments was revealed by VMware.

VMware administrators may oversee cloud services within Virtual Data Centers (VDCs) by using Cloud Director.

Only appliances running VCD Appliance 10.5 that were previously updated from an earlier edition are vulnerable to the auth bypass security issue. Additionally, the business stated that fresh installations of VCD Appliance 10.5 and Linux deployments, along with other appliances, are unaffected by CVE-2023-34060.“When authenticating on port 22 (ssh) or port 5480 on an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can circumvent login restrictions.”

VMware discloses critical VCD Appliance auth bypass with no patch

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

VMware discloses critical VCD Appliance auth bypass with no patch

14-Nov-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address