VMware vCenter Server Partial Information Disclosure Vulnerability
CVE-2023-34056

4.3MEDIUM

Key Information:

Vendor

Vmware
Status
Vmware Vcenter Server
Vmware Cloud Foundation (vmware Vcenter Server)
Vendor
CVE Published:
25 October 2023

Badges

đź“° News Worthy

What is CVE-2023-34056?

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.

Affected Version(s)

VMware Cloud Foundation (VMware vCenter Server) Linux 5.x

VMware Cloud Foundation (VMware vCenter Server) Linux 4.x

VMware vCenter Server Linux 8.0 < 8.0U2

News Articles

favicon imageHelp Net Security

VMware patches critical vulnerability in vCenter Server (CVE-2023-34048) - Help Net Security

VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) in vCenter Server, its popular server management software.

References

https://www.vmware.com/security/advisories/VMSA-2023-0023...

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by Help Net Security

  • Vulnerability published

  • Vulnerability Reserved

.