A Critical VMware Cloud Director Issue Could Allow Hackers to Takeover the Whole Cloud Infrastructure

vmware News

VMware, a virtualization and cloud computing company, has released an update on Thursday to fix a security vulnerability in Cloud Director that could allow remote code execution.

The issue, assigned the identifier CVE-2022-22966, has a CVSS score of 9. 1 out of a maximum of 10. VMware gave Jari Jaaskela, a security researcher, credit for reporting the flaw.

“An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server,” VMware said in an advisory.

Vembeau Cloud Director, formerly vCloud Director, is the most popular cloud management platform. It’s used by several well-known cloud service providers to manage and operate their cloud infrastructures. Half a million VMware customers use the software to run the world’s complex digital infrastructure.

The vulnerability could, in other words, end up allowing attackers to gain access to sensitive data and take over private clouds within an entire infrastructure.

Affected versions include 10. 1.x, 10. 2.x, and 10. 3.x, with fixes available in versions 10.1.4. 1, 10.2.2. 3, and 10.3.3. The company has also published workarounds that can be followed when upgrading to a recommended version is not an option.

The patches arrive a day after exploits for another recently fixed critical flaw in VMware Workspace ONE Access were detected in the wild.

The flaw (CVE-2022-22954) relates to a remote code execution vulnerability that stems from server-side template injection in VMware Workspace ONE Access and Identity Manager.

With VMware products often becoming a lucrative target for threat actors, the update adds to the urgency for organizations to apply necessary mitigations to prevent potential threats.

Rate author