Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0483
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Cloud Foundation | Cloud Foundation versions 7.0 antérieures à 7.0 U3m | ||
| VMware | Cloud Foundation | Cloud Foundation versions 8.0 antérieures à 8.0 U1b | ||
| VMware | vCenter Server | vCenter Server versions 7.0 antérieures à 7.0 U3m | ||
| VMware | vCenter Server | vCenter Server versions 8.0 antérieures à 8.0 U1b |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cloud Foundation versions 7.0 ant\u00e9rieures \u00e0 7.0 U3m",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 8.0 ant\u00e9rieures \u00e0 8.0 U1b",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "vCenter Server versions 7.0 ant\u00e9rieures \u00e0 7.0 U3m",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "vCenter Server versions 8.0 ant\u00e9rieures \u00e0 8.0 U1b",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-20896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20896"
},
{
"name": "CVE-2023-20893",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20893"
},
{
"name": "CVE-2023-20894",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20894"
},
{
"name": "CVE-2023-20895",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20895"
},
{
"name": "CVE-2023-20892",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20892"
}
],
"initial_release_date": "2023-06-22T00:00:00",
"last_revision_date": "2023-06-22T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0483",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits VMware\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2023-0014 du 22 juin 2023",
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
}
]
}
CVE-2023-20893 (GCVE-0-2023-20893)
Vulnerability from cvelistv5
Published
2023-06-22 11:52
Modified
2025-02-13 16:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| VMware | VMware vCenter Server (vCenter Server) |
Version: 8.0 Version: 7.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1799"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20893",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T19:52:15.538467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T19:53:41.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit",
"MacOS",
"iOS"
],
"product": "VMware vCenter Server (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.0 U1b",
"status": "affected",
"version": "8.0",
"versionType": "8.0 u1b"
},
{
"lessThan": "7.0 u3m",
"status": "affected",
"version": "7.0",
"versionType": "7.0 u3m"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"64 bit",
"32 bit",
"ARM",
"x86",
"MacOS",
"iOS"
],
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "5.x",
"versionType": "7.0 U3m, 8.0 U1b"
},
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "4.x",
"versionType": "7.0 U3m, 8.0 U1b"
}
]
}
],
"datePublic": "2023-06-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol.\u0026nbsp;A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server."
}
],
"value": "The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol.\u00a0A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T22:06:27.336Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1799"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20893",
"datePublished": "2023-06-22T11:52:32.771Z",
"dateReserved": "2022-11-01T15:41:50.394Z",
"dateUpdated": "2025-02-13T16:40:07.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20894 (GCVE-0-2023-20894)
Vulnerability from cvelistv5
Published
2023-06-22 11:54
Modified
2025-02-13 16:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| VMware | VMware vCenter Server (vCenter Server) |
Version: 8.0 Version: 7.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1658"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20894",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T21:22:16.773546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T21:22:35.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit",
"MacOS",
"iOS"
],
"product": "VMware vCenter Server (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.0 U1b",
"status": "affected",
"version": "8.0",
"versionType": "8.0 u1b"
},
{
"lessThan": "7.0 u3m",
"status": "affected",
"version": "7.0",
"versionType": "7.0 u3m"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"64 bit",
"32 bit",
"ARM",
"x86",
"MacOS",
"iOS"
],
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "5.x",
"versionType": "7.0 U3m, 8.0 U1b"
},
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "4.x",
"versionType": "7.0 U3m, 8.0 U1b"
}
]
}
],
"datePublic": "2023-06-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol.\u0026nbsp;A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption."
}
],
"value": "The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol.\u00a0A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T22:06:21.798Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1658"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20894",
"datePublished": "2023-06-22T11:54:04.383Z",
"dateReserved": "2022-11-01T15:41:50.395Z",
"dateUpdated": "2025-02-13T16:40:07.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20892 (GCVE-0-2023-20892)
Vulnerability from cvelistv5
Published
2023-06-22 11:47
Modified
2025-02-13 16:39
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| VMware | VMware vCenter Server (vCenter Server) |
Version: 8.0 Version: 7.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1801"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20892",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T19:47:18.896428Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T19:48:19.259Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit",
"MacOS",
"iOS"
],
"product": "VMware vCenter Server (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.0 U1b",
"status": "affected",
"version": "8.0",
"versionType": "8.0 u1b"
},
{
"lessThan": "7.0 u3m",
"status": "affected",
"version": "7.0",
"versionType": "7.0 u3m"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"64 bit",
"32 bit",
"ARM",
"x86",
"MacOS",
"iOS"
],
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "5.x",
"versionType": "7.0 U3m, 8.0 U1b"
},
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "4.x",
"versionType": "7.0 U3m, 8.0 U1b"
}
]
}
],
"datePublic": "2023-06-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol.\u0026nbsp;A malicious actor with network access to vCenter Server may exploit\u0026nbsp;\u003cb\u003eheap-overflow vulnerability\u0026nbsp;\u003c/b\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto execute arbitrary code on the underlying operating system that hosts vCenter Server.\u003c/span\u003e"
}
],
"value": "The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol.\u00a0A malicious actor with network access to vCenter Server may exploit\u00a0heap-overflow vulnerability\u00a0to execute arbitrary code on the underlying operating system that hosts vCenter Server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T22:07:04.222Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1801"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware vCenter Server heap-overflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20892",
"datePublished": "2023-06-22T11:47:19.390Z",
"dateReserved": "2022-11-01T15:41:50.394Z",
"dateUpdated": "2025-02-13T16:39:51.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20896 (GCVE-0-2023-20896)
Vulnerability from cvelistv5
Published
2023-06-22 12:00
Modified
2025-02-13 16:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd).
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| VMware | VMware vCenter Server (vCenter Server) |
Version: 8.0 Version: 7.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1800"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20896",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T19:54:25.466243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T19:54:33.109Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit",
"MacOS",
"iOS"
],
"product": "VMware vCenter Server (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.0 U1b",
"status": "affected",
"version": "8.0",
"versionType": "8.0 u1b"
},
{
"lessThan": "7.0 u3m",
"status": "affected",
"version": "7.0",
"versionType": "7.0 u3m"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"64 bit",
"32 bit",
"ARM",
"x86",
"MacOS",
"iOS"
],
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "5.x",
"versionType": "7.0 U3m, 8.0 U1b"
},
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "4.x",
"versionType": "7.0 U3m, 8.0 U1b"
}
]
}
],
"datePublic": "2023-06-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol.\u0026nbsp;A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd)."
}
],
"value": "The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol.\u00a0A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T22:06:28.775Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1800"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20896",
"datePublished": "2023-06-22T12:00:45.390Z",
"dateReserved": "2022-11-01T15:41:50.395Z",
"dateUpdated": "2025-02-13T16:40:09.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20895 (GCVE-0-2023-20895)
Vulnerability from cvelistv5
Published
2023-06-22 11:57
Modified
2025-02-13 16:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| VMware | VMware vCenter Server (vCenter Server) |
Version: 8.0 Version: 7.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1740"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20895",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T18:58:48.469755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T18:59:02.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit",
"MacOS",
"iOS"
],
"product": "VMware vCenter Server (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.0 U1b",
"status": "affected",
"version": "8.0",
"versionType": "8.0 u1b"
},
{
"lessThan": "7.0 u3m",
"status": "affected",
"version": "7.0",
"versionType": "7.0 u3m"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"64 bit",
"32 bit",
"ARM",
"x86",
"MacOS",
"iOS"
],
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "VMware",
"versions": [
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "5.x",
"versionType": "7.0 U3m, 8.0 U1b"
},
{
"lessThan": "7.0 U3m, 8.0 U1b",
"status": "affected",
"version": "4.x",
"versionType": "7.0 U3m, 8.0 U1b"
}
]
}
],
"datePublic": "2023-06-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eA malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.\u003c/span\u003e"
}
],
"value": "The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol.\u00a0A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T22:07:15.577Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0014.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1740"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20895",
"datePublished": "2023-06-22T11:57:15.954Z",
"dateReserved": "2022-11-01T15:41:50.395Z",
"dateUpdated": "2025-02-13T16:40:08.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…