open-vm-tools-11.0.5-3.el7.7
エラータID: AXSA:2023-6398:07
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.
Security Fix(es):
* open-vm-tools: SAML token signature bypass (CVE-2023-20900)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A95... in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479... .
Update packages.
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
N/A
SRPMS
- open-vm-tools-11.0.5-3.el7.7.src.rpm
MD5: cd78a8eaf26f22728e847cac576531b7
SHA-256: f1d0fc3ec781b0c11c6f19aea54fc7bfa69102848523b85f01af540e042f071e
Size: 3.82 MB
Asianux Server 7 for x86_64
- open-vm-tools-11.0.5-3.el7.7.x86_64.rpm
MD5: 009b20ef5f3b2826ef76d71c8e21dd7b
SHA-256: b04b9076fb3f2f6c7aacf30bf7f5c4afde701a003bf81a0c7fc72af13f2c361e
Size: 676.38 kB - open-vm-tools-desktop-11.0.5-3.el7.7.x86_64.rpm
MD5: 309f9d5ff9f4887f0e4c390cb4e3d6cb
SHA-256: 4591daaab9fb676c3283e8922ff118922f5adbee8923effe031b6197c8f5a25f
Size: 179.14 kB
日本語