Lucene search

K

Redhat.comRH:CVE-2023-20900

HistorySep 01, 2023 - 7:42 p.m.

CVE-2023-20900

2023-09-0119:42:11

redhat.com

access.redhat.com

51

cve-2023-20900

saml token bypass

guest operation privileges

privilege escalation

guest alias

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.1%

An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.

References

bugzilla.redhat.com/show_bug.cgi?id=2236542

github.com/vmware/open-vm-tools/blob/CVE-2023-20900.patch/CVE-2023-20900.patch

nvd.nist.gov/vuln/detail/CVE-2023-20900

www.cve.org/CVERecord?id=CVE-2023-20900

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.1%

Related for RH:CVE-2023-20900

nessus36 redos1 oraclelinux3 rocky2 redhat8 debian2 osv9 ubuntu2 openvas15 veracode1 almalinux2 cve1 rosalinux1 vmware2 nvd1 cvelist1 ubuntucve1 amazon1 alpinelinux1 debiancve1 prion1 fedora3 photon3 thn1 ibm3