CVE-2023-34056

Summary

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.

Affected Software

VendorProductVersion RangeStatus
VMwareVMware vCenter Server8.0 < 8.0U2affected
VMwareVMware vCenter Server7.0 < 7.0U3oaffected
VMwareVMware Cloud Foundation (VMware vCenter Server)5.xaffected
VMwareVMware Cloud Foundation (VMware vCenter Server)4.xaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References