How severe is CVE-2023-34056?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Vmware Cloud Foundation (Vmware Vcenter Server)

CVE-2023-34056

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.

EPSS: 0.002 (41.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Vmware Cloud Foundation (Vmware Vcenter Server) — versions 5.x, 4.x
Vmware Vcenter Server — versions 8.0, 7.0

References

www.vmware.com/security/advisories/VMSA-2023-0023.html

Frequently asked questions

What is CVE-2023-34056?: CVE-2023-34056 is a medium-severity vulnerability in Vmware Cloud Foundation (Vmware Vcenter Server). CVSS score: 4.3/10. Published 2023-10-25.
How severe is CVE-2023-34056?: Medium severity. CVSS v3 base score is 4.3 out of 10.