Security News

VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. Cloud Director is a VMware platform that enables admins to manage data centers spread across multiple locations as Virtual Data Centers. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 or port 5480," VMware explains.

VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS...

VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. The auth bypass security flaw only affects appliances running VCD Appliance 10.5 that were previously upgraded from an older release.

Cloud computing company VMware rolled out new cloud, AI, edge and data services at VMware Explore Barcelona 2023 on November 7. "We truly believe private AI will become the default architecture for enabling generative AI in the enterprise," said Chris Wolf, vice president of VMware AI Labs, in a pre-briefing for the media on November 2.

1Password also affected by Okta Support System breachFollowing in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. Microsoft announces wider availability of AI-powered Security CopilotMicrosoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program.

VMware has fixed a critical out-of-bounds write vulnerability and a moderate-severity information disclosure flaw in vCenter Server, its popular server management software.CVE-2023-34048 allows an attacker with network access to a vulnerable vCenter Server virtual appliance to trigger an out-of-bounds write that can lead to remote code execution.

VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS...

VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers. vCenter Server is the central management hub for VMware's vSphere suite, and it helps administrators manage and monitor virtualized infrastructure.

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as...

Takes rare step of issuing patches for end-of-life versions, as some staff report end-of-career letters VMware has disclosed a critical vulnerability in its vCenter Server – and that it issued an...