top of page
  • Clipeus

VMware PAM Vulnerability: Patch Released

On 30 November 2023, VMware released a patch for the vulnerability tracked as CVE-2023-34060.


As per our previous reporting, the vulnerability stems from a misconfiguration of pluggable authentication module (PAM) files, which would enable an attacker with network access to gain access to the system via SSH (port 22) or the appliance management console (port 5480).


While VMware had already provided a workaround on 14 November, when the vulnerability was disclosed, the issue was patched with VMware Cloud Director Appliance 10.5.1.

Kommentare


Die Kommentarfunktion wurde abgeschaltet.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to info@clipeusintelligence.com with your inquiry. We would be glad to assist you

bottom of page