On 30 November 2023, VMware released a patch for the vulnerability tracked as CVE-2023-34060.
As per our previous reporting, the vulnerability stems from a misconfiguration of pluggable authentication module (PAM) files, which would enable an attacker with network access to gain access to the system via SSH (port 22) or the appliance management console (port 5480).
While VMware had already provided a workaround on 14 November, when the vulnerability was disclosed, the issue was patched with VMware Cloud Director Appliance 10.5.1.