3a. Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
VMware Tools contains an Authentication Bypass vulnerability in the vgauth module. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3 base score of 3.9.
CPE | Name | Operator | Version |
---|---|---|---|
vmware tools | lt | 12.2.5 | |
vmware tools | lt | 10.3.26 |
customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS10326&productId=742
customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS1225&productId=1259&rPId=106172
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20867
docs.vmware.com/en/VMware-Tools/10.3/rn/vmware-tools-10326-release-notes/index.html
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N