
VMware Fixes Critical Vulnerability in Cloud Foundation


VMware developers have released a patch for a critical vulnerability in the VMware Cloud Foundation hybrid cloud platform.

The issue was identified in the open-source XStream library used by Cloud Foundation and scored 9.8 out of 10 on the CVSS vulnerability rating scale.

By the way, we also reported that some versions of VMware Carbon Black cause BSODs on Windows.

The vulnerability, which received the identifier CVE-2021-39144, was discovered by experts from Source Incite and can lead to remote execution of arbitrary code without requiring authentication or any user interaction. The developers also warn that exploiting the bug is not difficult at all.

"Due to an unauthenticated endpoint that uses XStream to serialize the input to VMware Cloud Foundation (NSX-V), an attacker could perform remote code execution in the context of root on the device," warned VMware representatives.

Since the discovered problem has received critical status, the developers have released fixes even for products whose support period has already expired.

VMware has updated XStream to version 1.4.19 to fix CVE-2021-39144, and for those who for some reason cannot install the patch immediately, the company has offered a workaround to mitigate the problem temporarily.
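The root cause described above is XStream deserializing input from an unauthenticated endpoint. Beyond upgrading the library, the standard defensive control is to configure XStream so that it only instantiates an explicit allowlist of types, which is what the following added example shows. This is illustrative code written for this article, not VMware's or XStream's own code: the HostRequest class, the "hostRequest" alias and both XML inputs are constructed assumptions, and the API calls used (addPermission, allowTypes, alias, fromXML) are the public XStream 1.4.x security API.

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.XStreamException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

public class XStreamAllowlistDemo {

    // Hypothetical request object the endpoint legitimately accepts (assumption, not a VMware class).
    public static class HostRequest {
        public String hostname;
        public int port;
    }

    // Build an XStream instance that refuses every type except the ones listed here.
    // XStream 1.4.18+ already defaults to an allowlist; doing it explicitly also protects older versions.
    public static XStream hardenedXStream() {
        XStream xs = new XStream();
        xs.addPermission(NoTypePermission.NONE);            // start from deny-all
        xs.addPermission(NullPermission.NULL);              // allow null values
        xs.addPermission(PrimitiveTypePermission.PRIMITIVES); // allow int, boolean, ...
        xs.allowTypes(new Class[] { String.class, HostRequest.class });
        xs.alias("hostRequest", HostRequest.class);
        return xs;
    }

    public static void main(String[] args) {
        XStream xs = hardenedXStream();

        // Constructed input of the shape the endpoint expects: accepted and mapped to HostRequest.
        String expected = "<hostRequest><hostname>esx-01.lab.local</hostname><port>443</port></hostRequest>";
        HostRequest req = (HostRequest) xs.fromXML(expected);
        System.out.println("accepted: " + req.hostname + ":" + req.port);

        // Constructed input naming a type that is not on the allowlist.
        // XStream rejects it before any object is instantiated, which is the point of the control.
        String unlisted = "<java.util.HashMap/>";
        try {
            xs.fromXML(unlisted);
            System.out.println("WARNING: unlisted type was accepted, allowlist is not in effect");
        } catch (XStreamException e) {
            // ForbiddenClassException for a root element, or a ConversionException wrapping it for nested ones.
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The design choice worth noting for defenders is that the allowlist is enforced by the mapper when it resolves the element name to a class, so an unlisted type never reaches a constructor or converter. In a review of a service that exposes XStream to unauthenticated callers, the presence of a deny-all base permission plus a short allowTypes list is the thing to look for; the library version alone does not tell you whether arbitrary types are accepted.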

It should also be noted that this release fixes another, less dangerous vulnerability (CVE-2022-31678) as well, which could lead to a denial of service or information disclosure through an XXE attack.

But it is also worth recalling that, as Fortinet experts warned, hackers are still exploiting the critical bug in VMware Workspace ONE Access (CVE-2022-22954) to spread ransomware and cryptocurrency miners.

Let me remind you that the vulnerability CVE-2022-22954 allows remote execution of arbitrary code. The bug scored 9.8 out of 10 on the CVSS vulnerability rating scale, and VMware discovered and fixed the issue on April 6 this year. However, the attackers reverse-engineered the fix and within 48 hours created an exploit, which was then used to compromise servers that had not yet been patched.

About The Author
Vladimir Krasnogolovy