CVE-2023-34058: - SAML Token Signature Bypass in open-vm-tools

Q: What is CVE-2023-34058?

CVE-2023-34058 is a vulnerability in open-vm-tools that allows a malicious actor with Guest Operation Privileges to elevate their privileges in a target virtual machine.

Q: How severe is CVE-2023-34058?

CVE-2023-34058 has a severity rating of 7.5 (high).

Q: Which software versions are affected by CVE-2023-34058?

The affected software versions of open-vm-tools are 2:11.3.0-2ubuntu0~ubuntu20.04.7, 2:12.1.5-3~ubuntu0.22.04.4, 2:12.1.5-3ubuntu0.23.04.3, 2:12.3.0-1ubuntu0.1, 2:11.2.5-2+deb11u3, 2:12.2.0-1+deb12u2, 2:12.3.5-1.

Q: How can I fix CVE-2023-34058?

To fix CVE-2023-34058, update to the recommended version of open-vm-tools: 2:11.3.0-2ubuntu0~ubuntu20.04.7, 2:12.1.5-3~ubuntu0.22.04.4, 2:12.1.5-3ubuntu0.23.04.3, 2:12.3.0-1ubuntu0.1, 2:11.2.5-2+deb11u3, 2:12.2.0-1+deb12u2, 2:12.3.5-1.

Q: Where can I find more information about CVE-2023-34058?

You can find more information about CVE-2023-34058 at the following references: [VMware Security Advisory](https://www.vmware.com/security/advisories/VMSA-2023-0024.html), [OpenWall mailing list](http://www.openwall.com/lists/oss-security/2023/10/27/1), [Debian Security Advisory](https://www.debian.org/security/2023/dsa-5543).

Published Oct 25, 2023

Updated

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .

Other sources

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.

Reference:

https://www.vmware.com/security/advisories/VMSA-2023-0024

— Red Hat

Affected Software

19 affected componentsFixes available

redhat/open-vm-tools<11.0.0

11.0.0

ubuntu/open-vm-tools<2:11.0.5-4ubuntu0.18.04.3+

2:11.0.5-4ubuntu0.18.04.3+

ubuntu/open-vm-tools<2:11.3.0-2ubuntu0~ubuntu20.04.7

2:11.3.0-2ubuntu0~ubuntu20.04.7

ubuntu/open-vm-tools<2:12.1.5-3~ubuntu0.22.04.4

2:12.1.5-3~ubuntu0.22.04.4

ubuntu/open-vm-tools<2:12.1.5-3ubuntu0.23.04.3

2:12.1.5-3ubuntu0.23.04.3

ubuntu/open-vm-tools<2:12.3.0-1ubuntu0.1

2:12.3.0-1ubuntu0.1

ubuntu/open-vm-tools<2:10.2.0-3~ubuntu0.16.04.1+

2:10.2.0-3~ubuntu0.16.04.1+

debian/open-vm-tools

2:11.2.5-2+deb11u32:12.2.0-1+deb12u22:12.4.5-1

VMware Open Vm Tools>=11.0.0<=12.3.0

Debian Debian Linux=10.0

Debian Debian Linux=11.0

Debian Debian Linux=12.0

All of the following

VMware Tools>=10.3.0<12.3.5

Microsoft Windows

Fedoraproject Fedora=37

Fedoraproject Fedora=38

Fedoraproject Fedora=39

IBM Security Verify Governance<=ISVG 10.0.2

IBM Security Verify Governance - Identity Manager virtual appliance component<=ISVG 10.0.2

Remediation

Patch Available

http://www.openwall.com/lists/oss-security/2023/10/27/1

Event History

Oct 26, 2023

CVE Published

via Ubuntu·12:00 AM

Oct 27, 2023

CVE Published

via MITRE·04:53 AM

Data Sourced

via MITRE·04:53 AM

DescriptionSeverityWeakness

Jan 12, 2024

Data Sourced

via Launchpad·12:21 AM

Description

Jun 5, 2025

Data Sourced

via IBM·12:00 AM

DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Frequently Asked Questions

What is CVE-2023-34058?

CVE-2023-34058 is a vulnerability in open-vm-tools that allows a malicious actor with Guest Operation Privileges to elevate their privileges in a target virtual machine.

How severe is CVE-2023-34058?

CVE-2023-34058 has a severity rating of 7.5 (high).

Which software versions are affected by CVE-2023-34058?

The affected software versions of open-vm-tools are 2:11.3.0-2ubuntu0~ubuntu20.04.7, 2:12.1.5-3~ubuntu0.22.04.4, 2:12.1.5-3ubuntu0.23.04.3, 2:12.3.0-1ubuntu0.1, 2:11.2.5-2+deb11u3, 2:12.2.0-1+deb12u2, 2:12.3.5-1.

How can I fix CVE-2023-34058?

To fix CVE-2023-34058, update to the recommended version of open-vm-tools: 2:11.3.0-2ubuntu0~ubuntu20.04.7, 2:12.1.5-3~ubuntu0.22.04.4, 2:12.1.5-3ubuntu0.23.04.3, 2:12.3.0-1ubuntu0.1, 2:11.2.5-2+deb11u3, 2:12.2.0-1+deb12u2, 2:12.3.5-1.

Where can I find more information about CVE-2023-34058?

You can find more information about CVE-2023-34058 at the following references: [VMware Security Advisory](https://www.vmware.com/security/advisories/VMSA-2023-0024.html), [OpenWall mailing list](http://www.openwall.com/lists/oss-security/2023/10/27/1), [Debian Security Advisory](https://www.debian.org/security/2023/dsa-5543).

CVE-2023-34058: - SAML Token Signature Bypass in open-vm-tools

Other sources

Affected Software

Remediation

Patch Available

Event History

Parent advisories

Don't miss critical vulnerabilities

Frequently Asked Questions

What is CVE-2023-34058?

How severe is CVE-2023-34058?

Which software versions are affected by CVE-2023-34058?

How can I fix CVE-2023-34058?

Where can I find more information about CVE-2023-34058?

Company

Resources

Contact