Detections
Analytics
Fedora 39 : open-vm-tools (2023-20b6ac4b6c)
high Nessus Plugin ID 185181
Language:
Synopsis
The remote Fedora host is missing one or more security updates.Description
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-20b6ac4b6c advisory.- A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. (CVE-2023-20867)
- A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware- vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr- public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd- db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . (CVE-2023-20900)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected open-vm-tools package.See Also
https://bodhi.fedoraproject.org/updates/FEDORA-2023-20b6ac4b6c
Plugin Details
Severity: High
ID: 185181
File Name: fedora_2023-20b6ac4b6c.nasl
Version: 1.0
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 11/7/2023
Updated: 11/7/2023
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.6
Vector: CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-20900
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 7
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:fedoraproject:fedora:39, p-cpe:/a:fedoraproject:fedora:open-vm-tools
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/11/2023
Vulnerability Publication Date: 6/13/2023
CISA Known Exploited Vulnerability Due Dates: 7/14/2023
Reference Information
CVE: CVE-2023-20867, CVE-2023-20900
FEDORA: 2023-20b6ac4b6c