overview
A critical vulnerability (CVE-2023-34060) has been found in VMware Cloud Director instances upgraded to version 10.5 from an older version. CVE-2023-34060 has a CVSS score of 9.8 and allows attackers to bypass authentication protections.
On an upgraded version of VMware Cloud Director Appliance 10.5, an attacker with network access to the appliance can exploit the flaw when authenticating on port 22 (SSH) or port 5480 (Appliance Management Console). Please note that the bypass is not present on port 443 (VCD Provider and Tenant Login) or on new installations of VMware Cloud Director Appliance 10.5.
The risk stems from the use of a version of sssd from the underlying Photon OS affected by CVE-2023-34060. While VMware has not released a patch, they have released a workaround in the form of a shell script ("WA_CVE-2023-34060.sh"). Admins are urged to download and execute this script on affected cells exposed to the vulnerability. VMware stated that implementing this temporary mitigation will not result in downtime or affect the functionality of Cloud Director installations. Avertium recommends implementing the mitigations as soon as possible.
INDICATORS OF COMPROMISE (IoCs)
At this time, there are no known IoCs associated with CVE-2023-34060. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.
SUPPORTING DOCUMENTATION