VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks

VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th.

Cloud Director is a VMware platform that enables admins to manage data centers spread across multiple locations as Virtual Data Centers (VDC).

The auth bypass security flaw (CVE-2023-34060) only impacts appliances running VCD Appliance 10.5 that were previously upgraded from an older release….