VMware patches New Flaws influencing Multiple Products

by Sam August 27, 2021

VMware released new updates in an attempt to address vulnerabilities in multiple products. The exploitation of these could allow the attacker to take control of an infected system.

The six security weaknesses identified impact VMware vRealize Operations that are prior to version 8.5.0, VMware Cloud Foundation including versions 3.x and 4.x and vRealize Suite Lifecycle Manager version 8.x.

Egor Dimitrenko of Positive Technologies and thiscodecc of MoyunSec V-lab helped in the identification and reporting of the flaws.

These vulnerabilities are:

CVE-2021-22022 (CVSS score: 4.4) – Arbitrary file read vulnerability in vRealize Operations Manager API, leading to information disclosure
CVE-2021-22023 (CVSS score: 6.6) – Insecure direct object reference vulnerability in vRealize Operations Manager API, enabling an attacker with administrative access to alter other users’ information and seize control of an account
CVE-2021-22024 (CVSS score: 7.5) – Arbitrary log-file read vulnerability in vRealize Operations Manager API, resulting in sensitive information disclosure
CVE-2021-22025 (CVSS score: 8.6) – Broken access control vulnerability in vRealize Operations Manager API, allowing an unauthenticated malicious actor to add new nodes to the existing vROps cluster
CVE-2021-22026 and CVE-2021-22027 (CVSS score: 7.5) – Server Side Request Forgery vulnerability in vRealize Operations Manager API, leading to information disclosure

VMware has also separately released patches for a cross-site scripting (XSS) vulnerability affecting VMware vRealize Log Insight and VMware Cloud Foundation, which is the result of improper user input validation. The exploitation could enable a to gain user privileges, allowing malicious payloads injection through the Log Insight UI executed when a target makes an attempt to access the shared dashboard link.

The flaw has been reported by Marcin Kot of Prevenity and Tran Viet Quang of Vantage Point Security. It has been termed as CVE-2021-22021 with a CVSS score of 6.5.

This step is followed by several other releases of patches by VMware in the month of August. Earlier this month, VMware patched CVE-2021-22002 (CVSS score: 8.6) and CVE-2021-22003(CVSS score: 3.7) which impact VMware Workspace One Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager.