{"id":"CVE-2023-20900","details":"A malicious actor that has been granted  Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged  Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .","modified":"2026-02-17T00:33:04.647172Z","published":"2023-08-31T10:15:08.247Z","related":["ALSA-2023:5312","ALSA-2023:5313","SUSE-SU-2023:3504-1","SUSE-SU-2023:3505-1","SUSE-SU-2023:3506-1","SUSE-SU-2023:3507-1","SUSE-SU-2023:3795-1","SUSE-SU-2023:3835-1","openSUSE-SU-2024:13186-1"],"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2023/08/31/1"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20231013-0002/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5493"},{"type":"ADVISORY","url":"https://www.vmware.com/security/advisories/VMSA-2023-0019.html"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2023/10/27/1"},{"type":"FIX","url":"https://www.vmware.com/security/advisories/VMSA-2023-0019.html"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2023/08/31/1"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2023/10/27/1"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00000.html"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVKQ6Y2JFJRWPFOZUOTFO3H27BK5GGOG/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJNJMD67QIT6LXLKWSHFM47DCLRSMT6W/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJM6HDRQYS74JA7YNKQBFH2XSZ52HEWH/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/vmware/open-vm-tools","events":[{"introduced":"2147df6aabe639fc5ff423ed791a8e7f02bf8d0a"},{"fixed":"865e76adf86fb38380220a3b760aa92ba5407c60"}]}],"versions":["stable-10.3.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-20900.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}