VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked asCVE-2023-34060(CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. “On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with