December 7, 2023

VMWare has patched two significant security flaws in the VMware vCenter Server that could lead to an information disclosure and code execution.

1. Out-of-Bounds Write Vulnerability

The vulnerability tracked as CVE-2023-34048, with a CVSS score of 9.8 deemed to be critical. An out-of-bounds write vulnerability has been discovered in the vCenter Server, specifically in its implementation of the DCERPC protocol. A malicious actor, if they can gain network access to the vCenter Server, might potentially initiate an out-of-bounds write, leading to the possibility of remote code execution.

Affected Versions:

  • VMware vCenter Server versions 8.0 and 7.0
  • VMware Cloud Foundation (VMware vCenter Server) versions 5.x and 4.x

Patched Versions:

  • VMware vCenter Server versions 8.0U2, 8.0U1d, and 7.0U3o
  • VMware Cloud Foundation (VMware vCenter Server) fortified with the KB88287 patch.

Recognizing the critical nature of this vulnerability, VMware has taken the unusual step of offering patches for end-of-life products not typically mentioned in its security advisories. These include patches for vCenter Server versions such as 6.7U3, 6.5U3, and VCF 3.x. Furthermore, additional patches for vCenter Server 8.0U1 and asynchronous patches for VCF 5.x and 4.x deployments are now available.

Advertisements

2. Partial Information Disclosure Vulnerability

The vulnerability tracked as CVE-2023-34056, with a CVSS score of 4.3. A more subdued, yet still significant, vulnerability has been detected as a partial information disclosure flaw in the vCenter Server. While not as severe as the first, this vulnerability provides a gateway for malicious actors. Those with non-administrative privileges to the vCenter Server could potentially exploit this flaw to gain unauthorized access to data.

Affected Versions:

  • VMware vCenter Server versions 8.0 and 7.0
  • VMware Cloud Foundation (VMware vCenter Server) versions 5.x and 4.x

Patched Versions:

  • VMware vCenter Server versions 8.0U2, 8.0U1d, and 7.0U3o
  • VMware Cloud Foundation (VMware vCenter Server) integrated with the KB88287 patch.

CVE-2023-34048 and CVE-2023-34056 are two critical vulnerabilities that were recently discovered in VMware vCenter Server. These vulnerabilities could allow attackers to take over a vCenter Server instance or access unauthorized data.

It is strongly recommended that you apply the patches that VMware has released for these vulnerabilities as soon as possible.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Atlassian fixes critical RCE vulnerabilities in its products

December 6, 2023

Microsoft Echo’s on APT 28 exploiting CVE-2023-23397

December 5, 2023

Papercut Privilege Escalation Vulnerability Unearthed

December 5, 2023

DanaBot Trojan Deploying Cactus Ransomware

December 4, 2023

LogoFAIL Firmware Attack

December 3, 2023

Proliance Surgeons Discloses a Data Breach

December 3, 2023
%d