Forum
Forum-Navigation
CVE-2023-20900 - VMware Tools
#1 · 31. August 2023, 0:00
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle (MITM) network positioning in the virtual machine network may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations.
References
http://www.openwall.com/lists/oss-security/2023/08/31/1
https://www.vmware.com/security/advisories/VMSA-2023-0019.html