VMware Warns of Unpatched Critical Cloud Director Vulnerability

VMware has issued a critical and unpatched security advisory for Cloud Director, which could be exploited by a malicious actor to circumvent authentication safeguards.

The vulnerability, identified as CVE-2023-34060 (CVSS score: 9.8), affects instances that have been upgraded to version 10.5 from an earlier version.

A malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) on an upgraded version of VMware Cloud Director Appliance 10.5, according to the company in an alert.

On port 443 (VCD provider and tenant login), this bypass is not present read more VMware Warns of Unpatched Critical Cloud Director Vulnerability.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *