vulnerability

VMware VMware Tools: Authentication Bypass vulnerability (VMSA-2023-0013) (CVE-2023-20867)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:H/Au:N/C:P/I:P/A:N)	06/13/2023	06/27/2023	06/28/2023

Severity

CVSS

(AV:L/AC:H/Au:N/C:P/I:P/A:N)

Published

06/13/2023

Added

06/27/2023

Modified

06/28/2023

Description

VMware Tools contains an Authentication Bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

Solution

vmware-vmware_tools-upgrade-latest

References

CVE-2023-20867
https://attackerkb.com/topics/CVE-2023-20867
URL-https://www.vmware.com/security/advisories/VMSA-2023-0013.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today