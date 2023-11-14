VMware has disclosed a critical authentication bypass vulnerability that affects Cloud Director appliance deployments. This security flaw specifically impacts appliances running VCD Appliance 10.5 that were previously upgraded from an older release. However, fresh installations of VCD Appliance 10.5, Linux deployments, and other appliances are not affected.

The vulnerability enables unauthenticated attackers to exploit the bug through low-complexity attacks that require no user interaction. By bypassing login restrictions on ports 22 (ssh) and 5480 (appliance management console), malicious actors with network access to the appliance can gain unauthorized access. It’s important to note that this bypass is not present on port 443 (VCD provider and tenant login).

While VMware has not released a patch for this critical authentication bypass, the company has shared a temporary workaround to mitigate the issue until security updates become available. Administrators of affected versions of VCD Appliance 10.5.0 can download a custom script provided by VMware and run it on cells exposed to the CVE-2023-34060 vulnerability. Fortunately, the workaround does not cause any functional disruptions, and downtime is not a concern as service restart or reboot is unnecessary.

VMware advises their customers to refer to VMware Security Advisory VMSA-2023-0026 for more information on the issue and the appropriate upgrade path to resolve it. This advisory helps users understand the vulnerability and the steps they can take to protect their environments.

FAQ

1. What is VMware Cloud Director?

VMware Cloud Director is a software platform that enables VMware admins to manage cloud services within their organizations as part of Virtual Data Centers (VDC).

2. Which versions of VCD Appliance are affected by the authentication bypass vulnerability?

The vulnerability affects VCD Appliance 10.5 versions that were upgraded from older releases.

3. Are fresh installations of VCD Appliance 10.5 impacted?

No, fresh installations of VCD Appliance 10.5 are not affected by this authentication bypass vulnerability.

4. How can administrators mitigate the vulnerability?

VMware has provided a temporary workaround for affected versions of VCD Appliance 10.5. Administrators can download a custom script from VMware and execute it on cells exposed to the CVE-2023-34060 vulnerability.

5. Is downtime required to implement the workaround?

No, downtime is not necessary as the workaround does not cause any functional disruptions, avoiding the need for service restart or reboot.