VMware Patches Command Injection Flaw

Author: Melodie Foster

Date: 4th December 2020

The zero-day bug was flagged in late November by the U.S. Cybersecurity and Infrastructure Security Agency after it was reported to them by the National Security Agency. It affected VMware versions across its Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector administrative configurator portfolios for both Windows and Linux operating systems.

VMware wrote about the flaw in a blog post, “a malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system.”

The CVSS rating for the bug has decreased from 9.1 out of 10 to 7.2 after further investigation into the vulnerability showed that an attacker would need the password which would make it harder to exploit. This brings the CVSS severity rating for the flaw from critical to “important”. The blog post mentioned that the password would have to be obtained by tactics like phishing, brute forcing or credential stuffing.

After the flaw was first discovered in November, VMware issued a “temporary solution” and there were no reports of exploitation in the wild. However, now that a full patch is available it is recommended to upgrade your VMware software.[1]

[1] https://threatpost.com/vmware-fix-critical-zero-day-bug/161896/

Other resources

Cyberfort Colocation Services

Cyberfort has invested heavily in secure infrastructure, making us the perfect colocation service provider to host your mission-critical, sensitive and regulated data.
Find out more >

What can Cyberfort do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives

Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >

Cookie Name	Expiration Time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

_gac_<property-id>	90 days	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
__hstc	13 months	The main cookie for tracking visitors.
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
__hssc	30 minutes	This cookie keeps track of sessions.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.

VMware Patches Command Injection Flaw

Author: Melodie Foster

Date: 4th December 2020

Other resources

Cyberfort Colocation Services

What can Cyberfort do for you?

Cyberfort Deep Dives

Recent Posts

Recent Comments

Archives

Categories

Meta