[BreachExchange] Critical VMware Cloud Director Bug Could Let Hackers Takeover Entire Cloud Infrastructure

Matthew Wheeler mwheeler at flashpoint-intel.com
Fri Apr 15 08:22:55 EDT 2022


https://thehackernews.com/2022/04/critical-vmware-cloud-director-bug.html

Cloud computing and virtualization technology firm VMWare on Thursday
rolled out an update to resolve a critical security flaw in its Cloud
Director product that could be weaponized to launch remote code execution
attacks.

The issue, assigned the identifier CVE-2022-22966, has a CVSS score of 9.1
out of a maximum of 10. VMware credited security researcher Jari Jääskelä
with reporting the flaw.

"An authenticated, high privileged malicious actor with network access to
the VMware Cloud Director tenant or provider may be able to exploit a
remote code execution vulnerability to gain access to the server," VMware
said in an advisory.

VMware Cloud Director, formerly known as vCloud Director, is used by many
well-known cloud providers to operate and manage their cloud
infrastructures and gain visibility into datacenters across sites and
geographies.

The vulnerability could, in other words, end up allowing attackers to gain
access to sensitive data and take over private clouds within an entire
infrastructure.

Affected versions include 10.1.x, 10.2.x, and 10.3.x, with fixes available
in versions 10.1.4.1, 10.2.2.3, and 10.3.3. The company has also published
workarounds that can be followed when upgrading to a recommended version is
not an option.

The patches arrive a day after exploits for another recently fixed critical
flaw in VMware Workspace ONE Access were detected in the wild.

The flaw (CVE-2022-22954) relates to a remote code execution vulnerability
that stems from server-side template injection in VMware Workspace ONE
Access and Identity Manager.

With VMware products often becoming a lucrative target for threat actors,
the update adds to the urgency for organizations to apply necessary
mitigations to prevent potential threats.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220415/751a6c0d/attachment.html>


More information about the BreachExchange mailing list