VMware Patches Flaw Exposing Admin Credentials in Tanzu Application Service for VMs

VMware has addressed an information disclosure vulnerability, CVE-2023-20891 [1] [3] [4], affecting its Tanzu Application Service for VMs and Isolation Segment products [1] [4]. This vulnerability allows remote attackers with low privileges to gain access to Cloud Foundry (CF) API admin credentials on unpatched systems [3].


The vulnerability stems from the logging of credentials in hex encoding in the platform system audit logs [1] [2] [4]. By extracting the hex-encoded CF API admin credentials from these logs, a malicious non-admin user could potentially compromise the entire system’s security by pushing malicious versions of applications. It is important to note that non-admin users typically do not have access to these logs in a default deployment, which mitigates some of the risks.

VMware recommends affected users to rotate their CF API admin credentials as a precautionary measure [3]. They provide a guide on changing the credentials [3], but caution that it is not officially supported [3]. Additionally, VMware has addressed other security bugs in the past month [3].


To protect against this vulnerability, users are advised to apply the patches released by VMware and rotate their CF API admin credentials [1] [4]. This vulnerability has been classified as “Moderate” with a CVSS v3 base score of 6.5. It is crucial for affected users to take these precautions to safeguard their systems and prevent potential unauthorized access.


[1] https://www.infosecurity-magazine.com/news/vmware-patches-flaw-exposing-admin/
[2] https://www.tenable.com/cve/CVE-2023-20891
[3] https://vulnera.com/newswire/vmware-patches-information-disclosure-bug-in-tanzu-application-service-for-vms/
[4] https://pfete.com/index.php/2023/07/26/vmware-patches-vulnerability-exposing-admin-credentials/


VMware, information disclosure vulnerability, CVE-2023-20891, Tanzu Application Service for VMs, Isolation Segment, remote attackers, low privileges, gain access, Cloud Foundry, CF API admin credentials, unpatched systems, logging, hex encoding, platform system audit logs, malicious non-admin user, compromise, security, push malicious versions of applications, non-admin users, default deployment, mitigate risks, rotate, precautionary measure, guide, officially supported, security bugs, patches, classified as “Moderate”, CVSS v3 base score, safeguard, systems, prevent unauthorized access.