LockFile
CyberDaily: Cybersecurity news

On Thursday, VMware, a cloud computing and virtualisation technology firm, pushed an update to fix a critical vulnerability in its Cloud Director product. The vulnerability could be exploited to execute code remotely on the underlying server.

The vulnerability, tracked as CVE-2022-22966, scores 9.1 out of 10 on the CVSSv3 scale. Security researcher Jari Jaaskela discovered and reported the flaw, and VMware credited him for the report.

“An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server,” VMware said in an advisory.

VMware Cloud Director, previously known as vCloud Director, is used by many large cloud providers to operate and manage their cloud infrastructure, and is a popular choice for running datacenters that span multiple sites and geographies.

Although exploitation requires an authenticated, high-privileged account, a successful attack could expose sensitive data and give the attacker control of the private clouds hosted on the platform.

The flaw affects versions 10.1.x, 10.2.x and 10.3.x; the fixed builds are 10.1.4.1, 10.2.2.3 and 10.3.3 respectively. VMware has also published a workaround for deployments that cannot be upgraded immediately.
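The version list above is the practical check an operator needs: is each Cloud Director appliance on an affected branch and below the fixed build for that branch? The script below is an added example, not code from the article or from VMware; it encodes the fixed builds named in the advisory, compares dotted version strings numerically (not as text, so 10.3.10 would sort after 10.3.3), and runs over a constructed sample inventory. The hostnames and version strings are made up, and the `assess` / `triage` / `vulnerable_hosts` names are the example's own.

```python
"""Triage VMware Cloud Director versions against CVE-2022-22966.

A version is reported as "vulnerable" when it is on an affected branch
(10.1.x, 10.2.x, 10.3.x) and older than the fixed build for that branch,
"patched" when it is at or above the fixed build, and "not listed" for any
other branch, because the advisory says nothing about those.
"""
import re
from typing import Dict, List, Tuple

# Fixed builds per affected branch, as named in VMware's advisory.
FIXED_BUILDS: Dict[Tuple[int, int], Tuple[int, ...]] = {
    (10, 1): (10, 1, 4, 1),
    (10, 2): (10, 2, 2, 3),
    (10, 3): (10, 3, 3),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '10.3.2.1', 'v10.2.2.3 build 19345' etc. into a tuple of ints.

    Anything after the leading dotted number (build tags, whitespace) is
    ignored so that appliance banners can be fed in as-is.
    """
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def assess(version_text: str) -> str:
    """Classify one version string as vulnerable / patched / not listed."""
    version = parse_version(version_text)
    fixed = FIXED_BUILDS.get(version[:2])
    if fixed is None:
        return "not listed in advisory"
    # Tuple comparison is element-wise and numeric, so (10, 3, 10) > (10, 3, 3)
    # and a shorter prefix such as (10, 1, 4) sorts below (10, 1, 4, 1).
    return "vulnerable" if version < fixed else "patched"


# Constructed sample inventory (hostname -> version reported by the appliance).
# These are not real hosts or data from the article.
SAMPLE_INVENTORY: Dict[str, str] = {
    "vcd-prod-01.example.net": "10.3.2.1",
    "vcd-prod-02.example.net": "10.3.3",
    "vcd-legacy.example.net": "10.1.4",
    "vcd-lab.example.net": "v10.2.2.3 build 19345",
    "vcd-new.example.net": "10.4.0",
}


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map every host in the inventory to its assessment."""
    return {host: assess(version) for host, version in inventory.items()}


def vulnerable_hosts(inventory: Dict[str, str]) -> List[str]:
    """Sorted list of hosts that still need the patch or the workaround."""
    return sorted(h for h, result in triage(inventory).items() if result == "vulnerable")


if __name__ == "__main__":
    for host, result in triage(SAMPLE_INVENTORY).items():
        print(f"{host:26} {result}")
    print("needs action:", ", ".join(vulnerable_hosts(SAMPLE_INVENTORY)))
```

Feed it the version strings your own appliances report; hosts that come back "not listed" are outside the advisory's scope rather than confirmed safe, so check VMware's current guidance for those separately.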

The fix comes shortly after VMware patched another critical flaw, this one in VMware Workspace ONE Access.

That flaw, CVE-2022-22954, is a server-side template injection in VMware Workspace ONE Access and Identity Manager that can lead to remote code execution.

VMware products are a frequent target for threat actors, so organizations should treat this update as urgent and apply the patch, or the published workaround, without delay.

Reference

https://thehackernews.com/2022/04/critical-vmware-cloud-director-bug.html