VMware has reported a significant, unaddressed security flaw in their Cloud Director appliance. This vulnerability, specific to authentication bypass, is present in systems operating on VCD Appliance 10.5 upgraded from older versions. However, it does not affect new installations of VCD Appliance 10.5, Linux-based systems, or other appliance types.
The defect enables unauthorized individuals to exploit the system remotely with minimal complexity and without user interaction. It occurs in upgraded VMware Cloud Director Appliance 10.5, allowing a hostile entity with network access to circumvent login procedures via port 22 (ssh) or port 5480 (appliance management console). This issue is not found in new installations or on port 443 (VCD provider and tenant login).Currently, there is no permanent fix available, but VMware has provided a temporary solution.
The company has issued Security Advisory VMSA-2023-0026 to guide customers on resolving the issue. The interim solution, suitable for VCD Appliance 10.5.0, involves implementing a custom script available in a VMware knowledgebase article.
This script, which addresses the CVE-2023-34060 vulnerability, does not disrupt regular operations or require service restarts or reboots.
Additionally, VMware recently rectified an ESXi zero-day exploited by Chinese state-sponsored actors for data theft and highlighted a critical vulnerability in the Aria Operations for Networks analytics tool. In October, they also remedied a severe vCenter Server issue (CVE-2023-34048), which posed a risk for remote code execution attacks.