VMware vCenter Vulnerability with Security Warning

vCenter vulnerabilities directly affect the security of every virtual machine that vCenter manages. Do you know which fixes and workarounds are available for these issues?


By Crystal / Updated on November 28, 2023


vCenter Critical Vulnerability: CVE-2023-34048 and CVE-2023-34056

A vCenter vulnerability is a weakness that malicious actors can exploit to compromise the confidentiality, integrity, and availability of the virtualized systems vCenter manages.

An out-of-bounds write (CVE-2023-34048) and a partial information disclosure (CVE-2023-34056) in vCenter Server were privately reported to VMware. Updates that remediate these vulnerabilities are now available for the affected VMware products.

VMware vCenter Server Out-of-Bounds Write Vulnerability (CVE-2023-34048)

The vCenter vulnerability tracked as CVE-2023-34048 allows an attacker with network access to a vulnerable vCenter Server appliance to trigger an out-of-bounds write, which may lead to remote code execution. VMware rates the severity of this issue as Critical, with a maximum CVSSv3 base score of 9.8.

To address CVE-2023-34048, it is recommended to apply the updates specified in the 'Fixed Version' column of the 'Response Matrix' below to deployments that are affected by this vulnerability.

No workarounds are available for this vulnerability. The issue was reported by Grigory Dorodnov of Trend Micro Zero Day Initiative, and as of now there are no indications that it has been exploited in the wild.

📢 Notes:
While VMware typically does not specify end-of-life products in its Security Advisories, the critical severity of this vulnerability, coupled with the absence of a workaround, has prompted VMware to release a patch widely for vCenter Server 6.7U3, 6.5U3, and VCF 3.x. Additionally, due to similar concerns, VMware has issued additional patches for vCenter Server 8.0U1.
Asynchronous patches for vCenter Server in VCF 5.x and 4.x deployments have also been made available. Refer to KB88287 for further details.

VMware vCenter Server Partial Information Disclosure Vulnerability (CVE-2023-34056)

CVE-2023-34056 is a partial information disclosure vulnerability in vCenter Server. It could allow a malicious actor with non-administrative privileges to access data they are not authorized to see. VMware rates the severity of this issue as Moderate, with a maximum CVSSv3 base score of 4.3.

To address CVE-2023-34056, it is recommended to apply the updates specified in the 'Fixed Version' column of the 'Response Matrix' below to deployments affected by this vulnerability.

No workarounds are currently available for this issue.
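Since the only remediation for both CVEs is upgrading to the build listed in the 'Fixed Version' column, a practical first step is to compare each appliance's reported build against that column. The following check is an added example (not part of the original article or AOMEI's software): it parses the JSON that the vSphere Automation API returns for GET /api/appliance/system/version (the older /rest/appliance/system/version wrapper is also accepted) and compares the build against a per-release-train table that you fill from VMware's Response Matrix; the build numbers and sample response below are constructed placeholders, not the real fixed builds.

```python
import json

# Constructed sample of a GET /api/appliance/system/version response.
# Field names follow the vSphere Automation API; the values are made up.
SAMPLE_RESPONSE = json.dumps({
    "version": "8.0.1.00300",
    "build": "22000001",
    "product": "VMware vCenter Server",
})

# Placeholder table keyed by release train (major.minor). Replace the integers
# with the build numbers from the 'Fixed Version' column of the Response
# Matrix; these are NOT the real fixed builds, only stand-ins for the example.
PLACEHOLDER_FIXED_BUILDS = {
    "8.0": 22000000,
    "7.0": 21000000,
}


def parse_version_response(body: str) -> dict:
    """Accept both the /api shape (bare object) and the /rest shape ({"value": {...}})."""
    data = json.loads(body)
    if isinstance(data.get("value"), dict):
        data = data["value"]
    return data


def release_train(version: str) -> str:
    """'8.0.1.00300' -> '8.0'; the Response Matrix is organised per train."""
    parts = version.split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts[:2]):
        raise ValueError(f"unexpected vCenter version string: {version!r}")
    return f"{parts[0]}.{parts[1]}"


def assess(body: str, fixed_builds: dict) -> dict:
    """Report whether the appliance build is at or above the fixed build for its train."""
    info = parse_version_response(body)
    train = release_train(info["version"])
    build = int(info["build"])
    fixed = fixed_builds.get(train)
    if fixed is None:
        status = "unknown"    # train not in the table: review it manually (e.g. EOL lines)
    elif build >= fixed:
        status = "fixed"
    else:
        status = "affected"   # below the fixed build: schedule the update
    return {"train": train, "build": build, "fixed_build": fixed, "status": status}


if __name__ == "__main__":
    print(assess(SAMPLE_RESPONSE, PLACEHOLDER_FIXED_BUILDS))
```

Run it against every vCenter appliance in the estate, not only the primary one, since linked-mode and lab instances are often forgotten during patch rounds.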


Protect VMware VM with AOMEI Cyber Backup

Many enterprises rely on vCenter to manage multiple virtual machines. To avoid data leakage and data loss, regular backups are essential. AOMEI Cyber Backup is an efficient VMware backup software designed to back up your virtual machines securely and offer comprehensive data protection. With it, you get these benefits:

✻ Support for multiple platforms: back up MSSQL databases, virtual machines, and Windows PCs & Servers easily.
✻ Batch VM backup: back up large numbers of VMs managed by vCenter Server, or multiple VMs on a standalone ESXi host, in one task.
✻ Multiple storage destinations: back up to a local drive or to network destinations such as NAS.
✻ Flexible backup strategy: full, incremental, and differential backup methods that reliably track changed data.
✻ Email notification: receive an email when a task completes or ends abnormally.

AOMEI Cyber Backup supports VMware ESXi 6.0 and later. Next, I will show you how to back up VMs managed by vCenter Server from a central console. You can click the following button to download the software.


Backup VMware Virtual Machines in Case of Data Loss

1. Navigate to Source Device > VMware > + Add VMware Device to add a vCenter or standalone ESXi host, then click Bind Device.


2. Create a backup task via Backup Task > Create New Task, then follow the wizard to schedule the virtual machine backup.

● Enter a Task Name and select VMware ESXi Backup.


● Batch-select the VMs managed by vCenter Server that you want in this centralized backup.

● Select the Target where the backup files are stored, such as a local or network location. You can also back up VMs to an external hard drive.

● Schedule the VMware backup task with the strategy you need: specify a full backup for the entire VM and incremental backups for the changed data, and set the frequency to daily, weekly, or monthly so the task runs automatically.


● Select Cleanup to automatically delete old backup copies that exceed the retention period you specified.


3. Click Start Backup. You can select Add the schedule only or Add the schedule and start backup now.


Created backup tasks are listed and monitored separately, so you can restore from them, check their progress, and change their schedules.

When restoring, you can also restore to a new location, which creates a new VM in the same or another datastore/host directly from the backup and saves you the trouble of reconfiguring the new VM.


Conclusion

Addressing the VMware vCenter vulnerabilities is essential for keeping virtualized environments secure. CVE-2023-34048 and CVE-2023-34056 have no workarounds, so the only effective response is to apply VMware's updates promptly, including on older vCenter versions for which VMware has released patches. Prioritizing these fixes, and keeping tested backups of the VMs that vCenter manages, gives you a resilient defense against exploitation. Stay informed, stay patched, and protect your virtual infrastructure.

Crystal · Editor
Crystal is an editor at AOMEI Technology. She mainly writes articles about virtual machines. She is a positive young lady who likes to share articles with people. Off work she loves travelling and cooking, which make life wonderful.