Low
1. Impacted Products
- VMware Tools
2. Introduction
An Authentication Bypass vulnerability in VMware Tools was responsibly reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.
3a. Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
Description
VMware Tools contains an Authentication Bypass vulnerability in the vgauth module. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3 base score of 3.9.
Known Attack Vectors
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
Resolution
To remediate CVE-2023-20867 update to the version listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
Given the requirement that an attacker must have root access over ESXi to exploit the vulnerability described by CVE-2023-20867, please review 'vSphere Security: Proactive and Continuous' which describes a holistic approach to security best practices.
Notes
Acknowledgements
VMware would like to thank Mandiant for reporting this issue to us.
Response Matrix
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
VMware Tools
|
12.x.x, 11.x.x, 10.3.x
|
Any
|
CVE-2023-20867
|
low
|
None
|
|||
VMware Tools
|
10.3.x
|
Linux
|
CVE-2023-20867
|
low
|
None
|
4. References
Fixed Version(s) and Release Notes:
VMware Tools 12.2.5
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS1225&productId=1259&rPId=106172
VMware Tools for Linux 10.3.26
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS10326&productId=742
https://docs.vmware.com/en/VMware-Tools/10.3/rn/vmware-tools-10326-release-notes/index.html
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20867
FIRST CVSSv3 Calculator:
CVE-2023-20867: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
5. Change Log
2023-06-13 VMSA-2023-0013
Initial security advisory.
6. Contact
E-mail: security@vmware.com
PGP key at:
https://kb.vmware.com/kb/1055
VMware Security Advisories
http://www.vmware.com/security/advisories
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
VMware Security & Compliance Blog
https://blogs.vmware.com/security
Twitter
https://twitter.com/VMwareSRC