Security News > 2023 > November > VMWare discloses critical VCD Appliance auth bypass with no patch
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments.
The auth bypass security flaw only affects appliances running VCD Appliance 10.5 that were previously upgraded from an older release.
"On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 or port 5480," VMware explains.
"This bypass is not present on port 443. On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present."
While VMware doesn't have a patch for this critical authentication bypass, the company provided admins with a temporary workaround until security updates are released.
The workaround shared by VMware will only work for affected versions of VCD Appliance 10.5.0, and it requires downloading a custom script attached to this knowledgebase article and running it on cells exposed to the CVE-2023-34060 vulnerability.
News URL
Related news
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- VMware fixes critical vCenter RCE vulnerability, patch now (source)
- Exploit for Veeam Recovery Orchestrator auth bypass available, patch now (source)
- ASUS warns of critical remote authentication bypass on 7 routers (source)
- ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models (source)
- VMware by Broadcom warns of two critical vCenter flaws, plus a nasty sudo bug (source)
- Hackers target new MOVEit Transfer critical auth bypass bug (source)
- GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others (source)
- Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-34060 | Missing Authentication for Critical Function vulnerability in VMWare Cloud Director VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . | 9.8 |