28 results (0.004 seconds)

CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-34059 – open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

https://notcve.org/view.php?id=CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. open-vm-tools contiene una vulnerabilidad de secuestro de descriptores de archivos en vmware-user-suid-wrapper. Un actor malintencionado con privilegios no root puede secuestrar el descriptor del archivo /dev/uinput, permitiéndole simular las entradas del usuario. A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs. • http://www.openwall.com/lists/oss-security/2023/10/27/2 http://www.openwall.com/lists/oss-security/2023/10/27/3 http://www.openwall.com/lists/oss-security/2023/11/26/1 http://www.openwall.com/lists/oss-security/2023/11/27/1 https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G7G77Z76CQPGUF7VHRA6O3UFCMPPR4O2 https://lists.fedoraproject.org/archives/list/package-announce@lists • CWE-266: Incorrect Privilege Assignment •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-34058 – open-vm-tools: SAML token signature bypass

https://notcve.org/view.php?id=CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . VMware Tools contiene una vulnerabilidad de omisión de firma de token SAML. Un actor malicioso al que se le han otorgado privilegios de operación de invitado https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html en una máquina virtual de destino es posible que pueda elevar sus privilegios si a esa máquina virtual de destino se le ha asignado un Alias de Invitado más privilegiado https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html. A flaw was found in open-vm-tools. • http://www.openwall.com/lists/oss-security/2023/10/27/1 https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G7G77Z76CQPGUF7VHRA6O3UFCMPPR4O2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQUOFQL2SNNNMKROQ3TZQY4HEYMNOIBW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLTKVTRKQW2GD2274H3UOW6XU4E62GSK https://www.debian.org/security/2023/ • CWE-347: Improper Verification of Cryptographic Signature CWE-1220: Insufficient Granularity of Access Control •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-34057

https://notcve.org/view.php?id=CVE-2023-34057

VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine. VMware Tools contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso de usuario local a una máquina virtual invitada puede elevar los privilegios dentro de la máquina virtual. • https://www.vmware.com/security/advisories/VMSA-2023-0024.html • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2023-20900 – open-vm-tools: SAML token signature bypass

https://notcve.org/view.php?id=CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Un actor malicioso al que se le han otorgado Privilegios de Operación de Invitado https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html en una máquina virtual de destino es posible que pueda elevar sus privilegios si a esa máquina virtual de destino se le ha asignado un Alias de Invitado más privilegiado https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/ 07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html. An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias. • http://www.openwall.com/lists/oss-security/2023/08/31/1 http://www.openwall.com/lists/oss-security/2023/10/27/1 https://lists.debian.org/debian-lts-announce/2023/10/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVKQ6Y2JFJRWPFOZUOTFO3H27BK5GGOG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJNJMD67QIT6LXLKWSHFM47DCLRSMT6W https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message& • CWE-294: Authentication Bypass by Capture-replay CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 3.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2023-20867 – VMware Tools Authentication Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. Un host ESXi totalmente comprometido puede obligar a VMware Tools a no poder autenticar las operaciones de host a invitado, lo que afecta la confidencialidad y la integridad de la máquina virtual invitada. A flaw was found in the open-vm-tools package. An attacker with root access privileges over ESXi may be able to cause an authentication bypass in the vgauth module. This may lead to compromised confidentiality and integrity. • http://www.openwall.com/lists/oss-security/2023/10/16/11 http://www.openwall.com/lists/oss-security/2023/10/16/2 https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVKQ6Y2JFJRWPFOZUOTFO3H27BK5GGOG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJNJMD67QIT6LXLKWSHFM47DCLRSMT6W https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message • CWE-287: Improper Authentication •