Количество 18
Количество 18
BDU:2023-05064
Уязвимость набора утилит VMware Tools, связанная с возможностью обхода подписи SAML-токена, позволяющая нарушителю повысить свои привилегии
ROS-20230914-07
Уязвимость open-vm-tools
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges ht ...
SUSE-SU-2023:3835-1
Securitys update for open-vm-tools
SUSE-SU-2023:3795-1
Security update for open-vm-tools
SUSE-SU-2023:3507-1
Security update for open-vm-tools
SUSE-SU-2023:3506-1
Security update for open-vm-tools
RLSA-2023:5313
Important: open-vm-tools security update
RLSA-2023:5312
Important: open-vm-tools security update
GHSA-h7h7-f9wh-xhj8
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations.
ELSA-2023-5313
ELSA-2023-5313: open-vm-tools security update (IMPORTANT)
ELSA-2023-5312
ELSA-2023-5312: open-vm-tools security update (IMPORTANT)
ELSA-2023-5217
ELSA-2023-5217: open-vm-tools security update (IMPORTANT)
SUSE-SU-2023:3505-1
Security update for open-vm-tools
SUSE-SU-2023:3504-1
Security update for open-vm-tools
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-05064 Уязвимость набора утилит VMware Tools, связанная с возможностью обхода подписи SAML-токена, позволяющая нарушителю повысить свои привилегии | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
 | ROS-20230914-07 Уязвимость open-vm-tools | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
 | CVE-2023-20900 A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | CVSS3: 7.1 | 1% Низкий | почти 2 года назад |
 | CVE-2023-20900 A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | CVSS3: 7.1 | 1% Низкий | почти 2 года назад |
 | CVE-2023-20900 A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | CVSS3: 7.1 | 1% Низкий | почти 2 года назад |
| CVE-2023-20900 A malicious actor that has been granted Guest Operation Privileges ht ... | CVSS3: 7.1 | 1% Низкий | почти 2 года назад |
 | SUSE-SU-2023:3835-1 Securitys update for open-vm-tools | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2023:3795-1 Security update for open-vm-tools | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2023:3507-1 Security update for open-vm-tools | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2023:3506-1 Security update for open-vm-tools | 1% Низкий | почти 2 года назад | |
 | RLSA-2023:5313 Important: open-vm-tools security update | 1% Низкий | больше 1 года назад | |
| RLSA-2023:5312 Important: open-vm-tools security update | 1% Низкий | больше 1 года назад | |
| GHSA-h7h7-f9wh-xhj8 VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations. | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
| ELSA-2023-5313 ELSA-2023-5313: open-vm-tools security update (IMPORTANT) | почти 2 года назад | ||
| ELSA-2023-5312 ELSA-2023-5312: open-vm-tools security update (IMPORTANT) | почти 2 года назад | ||
| ELSA-2023-5217 ELSA-2023-5217: open-vm-tools security update (IMPORTANT) | почти 2 года назад | ||
| SUSE-SU-2023:3505-1 Security update for open-vm-tools | почти 2 года назад | ||
| SUSE-SU-2023:3504-1 Security update for open-vm-tools | почти 2 года назад |
Уязвимостей на страницу