top of page
  • Clipeus

VMware PAM Vulnerability

On 14 November, VMware disclosed a critical vulnerability consisting of a misconfiguration of pluggable authentication module (PAM) files enabling a potential unauthorized attacker with network access to gain access to the system via secure shell (port 22) or appliance management console (port 5480). The vulnerability has no patch; however, VMware provided a workaround consistent with a specific PAM configuration.



If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to with your inquiry. We would be glad to assist you

bottom of page