November 14, 2023 at 04:21PM
VMware has released an urgent patch to fix a serious authentication bypass bug in its Cloud Director Appliance product. The vulnerability, known as CVE-2023-34060, has a severity score of 9.8 out of 10 and can be exploited by attackers with network access. The issue affects instances where the appliance has been upgraded to version 10.5. Other appliances are not affected, and VMware advises businesses to follow their guidance to mitigate the issue.
During the meeting, it was discussed that VMware has identified an urgent vulnerability in its Cloud Director Appliance product. The vulnerability, identified as CVE-2023-34060, has a severity score of 9.8 out of 10 and allows malicious actors with network access to bypass login restrictions when authenticating on certain ports. This vulnerability only affects instances where the appliance has been upgraded to version 10.5 from an older version. A critical bulletin has been released documenting the issue and VMware has clarified that other appliances are not impacted. They recommend businesses using the Cloud Director Appliance to follow their guidance to mitigate the issue.