具有 vCenter Server 网络访问权限的远程攻击者可以利用该漏洞在目标系统上执行任意代码,漏洞详情请见:
https://core.vmware.com/resource/vmsa-2023-0023-questions-answers#introduction
https://www.vmware.com/security/advisories/VMSA-2023-0023.html
受影响的范围:
VMware vCenter Server 8.0 < 8.0U1d
VMware vCenter Server 7.0 < 7.0U3o
VMware vCenter Server 6.7 < 6.7U3T
VMware vCenter Server 6.5 < 6.5.0U3V
VMware Cloud Foundation(VMware vCenter Server) 5.x
VMware Cloud Foundation(VMware vCenter Server) 4.x
VMware Cloud Foundation(VMware vCenter Server) 3.x
苏州天剑服务工程师建议用户尽快下载安装补丁程序。