3. Authentication Bypass Vulnerability (CVE-2023-34060)
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
CPE | Name | Operator | Version |
---|---|---|---|
vmware cloud director appliance | eq | 10.5 if upgraded from 10.4.x | |
vmware cloud director appliance | eq | below. |
customerconnect.vmware.com/en/downloads/info/slug/datacenter_cloud_infrastructure/vmware_cloud_director/10_5
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34060
docs.vmware.com/en/VMware-Cloud-Director/10.5.1/rn/vmware-cloud-director-1051-release-notes/index.html
github.com/vmware/photon/wiki/security-advisory-CVE-2023-34060
kb.vmware.com/s/article/95534
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H