

VMware Cloud Foundation provides a complete set of software-defined services for compute, storage, networking, security and cloud management to run enterprise apps, traditional or containerized, in private or public environments. The US National Security Agency (NSA) is warning organisations to patch or take mitigation steps to close a vulnerability in several VMware products that Russian state-sponsored hackers are exploiting to hijack authentication tokens and access sensitive data on other systems. VMware vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. According to VMware, updates are available to remediate these vulnerabilities in the affected VMware products.

Security researchers are particularly concerned about CVE-2021-22005, which was given a CVSSv3 severity rating of 9.8/10 and which could enable a threat actor with network access to port 443 on vCenter Server to upload a malicious file and exploit an unpatched server. Their concern is that this vulnerability could be exploited to deploy ransomware on a target organization's network. On September 21, 2021, VMware disclosed nineteen (19) vulnerabilities affecting its vCenter Server and Cloud Foundation products. VMware recommends that customers install available updates, patches, or workarounds immediately to mitigate these vulnerabilities in affected VMware products. Working exploits have already been detected and additional exploits are highly likely to become available soon.

On September 21, 2021, VMware disclosed numerous vulnerabilities affecting their vCenter Server and Cloud Foundation products, some of which could be exploited for the deployment of ransomware or other malicious activity.
