SUSE update for Securitys update for open-vm-tools

Published: 2023-09-27

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2023-20900
CWE-ID	CWE-310
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software Subscribe	Desktop Applications Module Operating systems & Components / Operating system Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Micro for Rancher Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP3 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing LTSS 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing ESPOS 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Enterprise Storage Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system open-vm-tools-salt-minion Operating systems & Components / Operating system package or component libvmtools0-debuginfo Operating systems & Components / Operating system package or component open-vm-tools Operating systems & Components / Operating system package or component libvmtools0 Operating systems & Components / Operating system package or component libvmtools-devel Operating systems & Components / Operating system package or component open-vm-tools-sdmp Operating systems & Components / Operating system package or component open-vm-tools-desktop-debuginfo Operating systems & Components / Operating system package or component open-vm-tools-debugsource Operating systems & Components / Operating system package or component open-vm-tools-sdmp-debuginfo Operating systems & Components / Operating system package or component open-vm-tools-containerinfo Operating systems & Components / Operating system package or component open-vm-tools-debuginfo Operating systems & Components / Operating system package or component open-vm-tools-containerinfo-debuginfo Operating systems & Components / Operating system package or component open-vm-tools-desktop Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Cryptographic issues

EUVDB-ID: #VU80188

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20900

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper verification of SAML token signature. A remote attacker can bypass SAML token signature verification and perform man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine.

Mitigation

Update the affected package Securitys update for open-vm-tools to the latest version.

Vulnerable software versions

Desktop Applications Module: 15-SP4 - 15-SP5

Basesystem Module: 15-SP4 - 15-SP5

SUSE Linux Enterprise Micro for Rancher: 5.2 - 5.4

SUSE Linux Enterprise Server for SAP Applications 15: SP3 - SP5

SUSE Linux Enterprise Server 15: SP3 - SP5

SUSE Linux Enterprise Real Time 15: SP4 - SP5

SUSE Linux Enterprise High Performance Computing 15: SP3 - SP5

SUSE Linux Enterprise Desktop 15: SP4 - SP5

SUSE Linux Enterprise Micro: 5.1 - 5.4

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP3

openSUSE Leap: 15.4 - 15.5

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2 - 4.3

SUSE Manager Server: 4.2 - 4.3

SUSE Manager Proxy: 4.2 - 4.3

open-vm-tools-salt-minion: before 12.3.0-150300.37.1

libvmtools0-debuginfo: before 12.3.0-150300.37.1

open-vm-tools: before 12.3.0-150300.37.1

libvmtools0: before 12.3.0-150300.37.1

libvmtools-devel: before 12.3.0-150300.37.1

open-vm-tools-sdmp: before 12.3.0-150300.37.1

open-vm-tools-desktop-debuginfo: before 12.3.0-150300.37.1

open-vm-tools-debugsource: before 12.3.0-150300.37.1

open-vm-tools-sdmp-debuginfo: before 12.3.0-150300.37.1

open-vm-tools-containerinfo: before 12.3.0-150300.37.1

open-vm-tools-debuginfo: before 12.3.0-150300.37.1

open-vm-tools-containerinfo-debuginfo: before 12.3.0-150300.37.1

open-vm-tools-desktop: before 12.3.0-150300.37.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20233835-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.