Lucene search
F5F5:K000138114HistoryJan 02, 2024 - 12:00 a.m.
K000138114 : open-vm-tools vulnerability CVE-2023-34058
2024-01-0200:00:00
my.f5.com
7
vmware tools
saml token
vulnerability
cve-2023-34058
guest operation privileges
guest alias
privilege escalation
Security Advisory Description
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https_://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware._com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html. (CVE-2023-34058)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
cvelist
cvelist
CVE-2023-34058
2023-10-27 04:53:09
nvd
nvd
CVE-2023-34058
2023-10-27 05:15:38
cbl_mariner
cbl_mariner
nessus
nessus
VMware Tools 10.3.x / 11.x / 12.x < 12.3.5 Token Bypass (VMSA-2023-0024)
2023-11-01 00:00:00
Debian DSA-5543-1 : open-vm-tools - security update
2023-11-01 00:00:00
RHEL 9 : open-vm-tools (RHSA-2023:7267)
2023-11-15 00:00:00
osv
osv
CVE-2023-34058
2023-10-27 05:15:38
open-vm-tools vulnerabilities
2023-12-06 09:43:32
Important: open-vm-tools security update
2023-11-15 00:00:00
cve
cve
CVE-2023-34058
2023-10-27 05:15:38
prion
prion
Security feature bypass
2023-10-27 05:15:00
veracode
veracode
SAML Token Signature Bypass
2023-10-29 13:19:59
redhatcve
redhatcve
CVE-2023-34058
2023-10-30 13:43:11
debiancve
debiancve
CVE-2023-34058
2023-10-27 05:15:38
ubuntucve
ubuntucve
CVE-2023-34058
2023-10-26 00:00:00
ubuntu
ubuntu
Open VM Tools vulnerabilities
2023-10-31 00:00:00
Open VM Tools vulnerabilities
2023-12-06 00:00:00
openvas
openvas
Fedora: Security Advisory for open-vm-tools (FEDORA-2023-86a50ffc72)
2023-11-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:4228-1)
2023-10-30 00:00:00
openSUSE: Security Advisory for open (SUSE-SU-2023:4227-1)
2024-03-04 00:00:00
redhat
redhat
(RHSA-2023:7263) Important: open-vm-tools security update
2023-11-15 17:58:52
(RHSA-2023:7261) Important: open-vm-tools security update
2023-11-15 17:53:56
(RHSA-2023:7267) Important: open-vm-tools security update
2023-11-15 18:11:33
almalinux
almalinux
Important: open-vm-tools security update
2023-11-15 00:00:00
Important: open-vm-tools security update
2023-11-15 00:00:00
amazon
amazon
Important: open-vm-tools
2023-10-30 23:59:00
fedora
fedora
[SECURITY] Fedora 39 Update: open-vm-tools-12.3.0-3.fc39
2023-11-08 01:27:44
[SECURITY] Fedora 37 Update: open-vm-tools-12.3.0-3.fc37
2023-11-08 01:21:13
[SECURITY] Fedora 38 Update: open-vm-tools-12.3.0-3.fc38
2023-11-08 01:40:15
debian
debian
[SECURITY] [DSA 5543-1] open-vm-tools security update
2023-10-31 19:29:14
[SECURITY] [DLA 3646-1] open-vm-tools security update
2023-11-05 22:18:02
freebsd
freebsd
open-vm-tools -- Multiple vulnerabilities
2023-10-26 00:00:00
rocky
rocky
open-vm-tools security update
2023-11-28 22:43:02
oraclelinux
oraclelinux
open-vm-tools security update
2023-11-16 00:00:00
open-vm-tools security update
2023-11-21 00:00:00
open-vm-tools security update
2023-11-16 00:00:00
vmware
vmware
centos
centos
open security update
2024-01-12 19:15:38
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0675
2023-10-27 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0127
2023-10-27 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0499
2023-10-27 00:00:00
mageia
mageia
Updated open-vm-tools packages fix security vulnerabilities
2024-03-14 20:25:59
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-01-17 10:00:35