What is the vulnerability ID for this vCenter Server vulnerability?

The vulnerability ID for this vCenter Server vulnerability is CVE-2023-34056.

What is the severity of CVE-2023-34056?

The severity of CVE-2023-34056 is medium with a score of 4.3.

What is the affected software for this vCenter Server vulnerability?

The affected software for this vCenter Server vulnerability is VMware vCenter Server version 4.0 to 5.5, and versions 7.0 to 8.0.

What is the risk of the partial information disclosure vulnerability in vCenter Server?

The risk of the partial information disclosure vulnerability in vCenter Server is unauthorized access to sensitive data by a malicious actor with non-administrative privileges.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability at the following link: [https://www.vmware.com/security/advisories/VMSA-2023-0023.html](https://www.vmware.com/security/advisories/VMSA-2023-0023.html)

Vulnerability/
CVE-2023-34056

medium

4.3

CWE

922

25/10/2023

29/10/2024

CVE-2023-34056: VMware vCenter Server Partial Information Disclosure Vulnerability

First published: Wed Oct 25 2023(Updated: )

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.

Credit: security@vmware.com

Affected Software	Affected Version	How to fix
VMware vCenter Server	>=4.0<=5.5
VMware vCenter Server	=7.0
VMware vCenter Server	=7.0-a
VMware vCenter Server	=7.0-b
VMware vCenter Server	=7.0-c
VMware vCenter Server	=7.0-d
VMware vCenter Server	=7.0-update1
VMware vCenter Server	=7.0-update1a
VMware vCenter Server	=7.0-update1c
VMware vCenter Server	=7.0-update1d
VMware vCenter Server	=7.0-update2
VMware vCenter Server	=7.0-update2a
VMware vCenter Server	=7.0-update2b
VMware vCenter Server	=7.0-update2c
VMware vCenter Server	=7.0-update2d
VMware vCenter Server	=7.0-update3
VMware vCenter Server	=7.0-update3a
VMware vCenter Server	=7.0-update3c
VMware vCenter Server	=7.0-update3d
VMware vCenter Server	=7.0-update3e
VMware vCenter Server	=7.0-update3f
VMware vCenter Server	=7.0-update3g
VMware vCenter Server	=7.0-update3h
VMware vCenter Server	=7.0-update3i
VMware vCenter Server	=7.0-update3j
VMware vCenter Server	=7.0-update3k
VMware vCenter Server	=7.0-update3l
VMware vCenter Server	=7.0-update3m
VMware vCenter Server	=7.0-update3n
VMware vCenter Server	=8.0
VMware vCenter Server	=8.0-a
VMware vCenter Server	=8.0-b
VMware vCenter Server	=8.0-c
VMware vCenter Server	=8.0-update1
VMware vCenter Server	=8.0-update1a
VMware vCenter Server	=8.0-update1b
VMware vCenter Server	=8.0-update1c
VMware vCenter Server	=8.0-update1d

Never miss a vulnerability like this again

Reference Links

https://www.vmware.com/security/advisories/VMSA-2023-0023.html

Frequently Asked Questions

What is the vulnerability ID for this vCenter Server vulnerability?
The vulnerability ID for this vCenter Server vulnerability is CVE-2023-34056.
What is the severity of CVE-2023-34056?
The severity of CVE-2023-34056 is medium with a score of 4.3.
What is the affected software for this vCenter Server vulnerability?
The affected software for this vCenter Server vulnerability is VMware vCenter Server version 4.0 to 5.5, and versions 7.0 to 8.0.
What is the risk of the partial information disclosure vulnerability in vCenter Server?
The risk of the partial information disclosure vulnerability in vCenter Server is unauthorized access to sensitive data by a malicious actor with non-administrative privileges.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following link: [https://www.vmware.com/security/advisories/VMSA-2023-0023.html](https://www.vmware.com/security/advisories/VMSA-2023-0023.html)

agent/type
agent/softwarecombine
agent/severity
agent/title
agent/references
agent/author
agent/description
agent/event
agent/first-publish-date
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/weakness
agent/last-modified-date
agent/tags
vendor/vmware
canonical/vmware vcenter server
version/vmware vcenter server/4.0
version/vmware vcenter server/5.5
version/vmware vcenter server/7.0
version/vmware vcenter server/7.0-a
version/vmware vcenter server/7.0-b
version/vmware vcenter server/7.0-c
version/vmware vcenter server/7.0-d
version/vmware vcenter server/7.0-update1
version/vmware vcenter server/7.0-update1a
version/vmware vcenter server/7.0-update1c
version/vmware vcenter server/7.0-update1d
version/vmware vcenter server/7.0-update2
version/vmware vcenter server/7.0-update2a
version/vmware vcenter server/7.0-update2b
version/vmware vcenter server/7.0-update2c
version/vmware vcenter server/7.0-update2d
version/vmware vcenter server/7.0-update3
version/vmware vcenter server/7.0-update3a
version/vmware vcenter server/7.0-update3c
version/vmware vcenter server/7.0-update3d
version/vmware vcenter server/7.0-update3e
version/vmware vcenter server/7.0-update3f
version/vmware vcenter server/7.0-update3g
version/vmware vcenter server/7.0-update3h
version/vmware vcenter server/7.0-update3i
version/vmware vcenter server/7.0-update3j
version/vmware vcenter server/7.0-update3k
version/vmware vcenter server/7.0-update3l
version/vmware vcenter server/7.0-update3m
version/vmware vcenter server/7.0-update3n
version/vmware vcenter server/8.0
version/vmware vcenter server/8.0-a
version/vmware vcenter server/8.0-b
version/vmware vcenter server/8.0-c
version/vmware vcenter server/8.0-update1
version/vmware vcenter server/8.0-update1a
version/vmware vcenter server/8.0-update1b
version/vmware vcenter server/8.0-update1c
version/vmware vcenter server/8.0-update1d