Back to bug 2213087
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2023-06-07 06:34:12 UTC | CC | security-response-team | |
| Marian Rehak | 2023-06-07 06:35:27 UTC | Blocks | 2213089 | |
| Guilherme de Almeida Suckevicz | 2023-06-14 13:56:37 UTC | CC | jsavanyo, virt-maint, ymankad | |
| Summary | EMBARGOED CVE-2023-20867 open-vm-tools: authentication bypass vulnerability in the vgauth module | CVE-2023-20867 open-vm-tools: authentication bypass vulnerability in the vgauth module | ||
| Group | security, qe_staff | |||
| Deadline | 2023-06-13 | |||
| Kazu Yoshida | 2023-06-15 01:53:56 UTC | CC | kyoshida | |
| Jack Waterworth | 2023-06-15 19:25:37 UTC | CC | subhro | |
| Pool ID | sst_virtualization_cloud_rhel_9 | |||
| CC | jwaterwo | |||
| Marian Rehak | 2023-06-16 13:42:24 UTC | Fixed In Version | open-vm-tools 12.2.5 | |
| Marian Rehak | 2023-06-16 13:48:37 UTC | Depends On | 2215553 | |
| Marian Rehak | 2023-06-16 14:03:43 UTC | Doc Text | A flaw was found in the open-vm-tools package. An attacker with root access privileges over ESXi is able to cause an authentication bypass in the vgauth module. This may lead to compromised Confidentiality and Integrity. | |
| Marian Rehak | 2023-06-16 14:07:06 UTC | Depends On | 2215563, 2215562, 2215565, 2215566, 2215564 | |
| Paige Jung | 2023-06-19 14:08:41 UTC | Doc Text | A flaw was found in the open-vm-tools package. An attacker with root access privileges over ESXi is able to cause an authentication bypass in the vgauth module. This may lead to compromised Confidentiality and Integrity. | A flaw was found in the open-vm-tools package. An attacker with root access privileges over ESXi may be able to cause an authentication bypass in the vgauth module. This may lead to compromised confidentiality and integrity. |
| ldu | 2023-06-20 06:26:23 UTC | CC | mrezanin | |
| Valerie Sroka | 2023-06-23 16:49:05 UTC | CC | vsroka | |
| Marco Benatto | 2023-06-23 18:24:11 UTC | CC | daniel_faustino_fidelis | |
| Flags | needinfo?(mrehak) | |||
| Tom Sorensen | 2023-06-23 19:39:01 UTC | CC | tsorense | |
| RHEL Program Management Team | 2023-06-23 19:45:18 UTC | Depends On | 2217081 | |
| RHEL Program Management Team | 2023-06-23 19:45:34 UTC | Depends On | 2217082 | |
| RHEL Program Management Team | 2023-06-23 19:47:03 UTC | Depends On | 2217083 | |
| RHEL Program Management Team | 2023-06-23 19:47:45 UTC | Depends On | 2217085 | |
| RHEL Program Management Team | 2023-06-23 19:48:27 UTC | Depends On | 2217086 | |
| RHEL Program Management Team | 2023-06-23 19:49:10 UTC | Depends On | 2217087 | |
| Marian Rehak | 2023-06-26 07:29:11 UTC | Flags | needinfo?(mrehak) | |
| Ani Sinha | 2023-06-26 09:36:25 UTC | CC | anisinha | |
| errata-xmlrpc | 2023-06-29 15:02:11 UTC | Link ID | Red Hat Product Errata RHSA-2023:3947 | |
| errata-xmlrpc | 2023-06-29 15:02:36 UTC | Link ID | Red Hat Product Errata RHSA-2023:3945 | |
| errata-xmlrpc | 2023-06-29 15:03:42 UTC | Link ID | Red Hat Product Errata RHSA-2023:3946 | |
| errata-xmlrpc | 2023-06-29 15:08:19 UTC | Link ID | Red Hat Product Errata RHSA-2023:3948 | |
| errata-xmlrpc | 2023-06-29 15:09:16 UTC | Link ID | Red Hat Product Errata RHSA-2023:3944 | |
| errata-xmlrpc | 2023-06-29 15:14:46 UTC | Link ID | Red Hat Product Errata RHSA-2023:3949 | |
| errata-xmlrpc | 2023-06-29 15:17:43 UTC | Link ID | Red Hat Product Errata RHSA-2023:3950 | |
| Red Hat Bugzilla | 2023-07-07 08:29:46 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody | ||
| Marian Rehak | 2023-08-17 05:47:33 UTC | Resolution | --- | NEXTRELEASE |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-08-17 05:47:33 UTC |
Back to bug 2213087