CVE-2023-20891

EUVD-2023-25062

26.07.2023, 06:15

The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. In a default deployment non-admin users do not have access to the platform system audit logs.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vmware	CNA	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 47%

Affected Products (NVD)

Vendor	Product	Version
vmware	isolation_segment	2.11.0 ≤ 𝑥 < 2.11.35
vmware	isolation_segment	2.13.0 ≤ 𝑥 < 2.13.20
vmware	isolation_segment	3.0.0 ≤ 𝑥 < 3.0.13
vmware	isolation_segment	4.0.0 ≤ 𝑥 < 4.0.4
vmware	tanzu_application_service_for_virtual_machines	2.11.0 ≤ 𝑥 < 2.11.42
vmware	tanzu_application_service_for_virtual_machines	2.13.0 ≤ 𝑥 < 2.13.24
vmware	tanzu_application_service_for_virtual_machines	3.0.0 ≤ 𝑥 < 3.0.14
vmware	tanzu_application_service_for_virtual_machines	4.0.0 ≤ 𝑥 < 4.0.5

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-532 - Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References

https://www.vmware.com/security/advisories/VMSA-2023-0016.html