Detections
Analytics
VMware vCenter / vRealize Orchestrator 8.x < 8.11.1 XXE (VMSA-2023-0005)
high Nessus Plugin ID 171896
Language:
Synopsis
The remote host has a virtualization application installed that is affected by an XML external entity vulnerability.Description
The version of VMware vCenter / vRealize Orchestrator installed on the remote host is 8.x < 8.11.1. It is, therefore, affected by an XML external entity vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges.Solution
Apply the patch referenced in VMware KB 2141244.See Also
https://www.vmware.com/security/advisories/VMSA-2023-0005.html
Plugin Details
Severity: High
ID: 171896
File Name: vmware_vrealize_orchestrator_VMSA-2023-0005.nasl
Version: 1.2
Type: local
Agent: windows
Family: Misc.
Published: 2/24/2023
Updated: 3/6/2023
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 6.7
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2023-20855
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:vmware:vcenter_orchestrator, cpe:/a:vmware:vrealize_orchestrator
Required KB Items: installed_sw/VMware vCenter Orchestrator
Exploit Ease: No known exploits are available
Patch Publication Date: 2/21/2023
Vulnerability Publication Date: 2/21/2023
Reference Information
CVE: CVE-2023-20855
IAVA: 2023-A-0113
VMSA: 2023-0005