The company Citadelo has published a report on a new vulnerability found in VMware Cloud Director. The flaw could allow an attacker to access sensitive information and take control of private clouds within a corporate infrastructure.

The vulnerability was discovered after an organization contracted a third-party company to perform a security audit of its cloud infrastructure. A proof of concept (PoC) has also been released to demonstrate the severity of the exploit.

Designated with the identifier CVE-2020-3956, the code injection vulnerability arises from an input validation error that an authenticated attacker could exploit by sending malicious traffic to Cloud Director, leading to the execution of arbitrary code.

On the CVSS v3 severity scale it has been rated 8.8, which places this vulnerability in the critical range. According to the company, the vulnerability can be exploited through the HTML5 and Flex-based user interfaces, the API browser interface and direct API access. The affected versions are:

  • 10.0.X before 10.0.0.2
  • 9.7.0.X before 9.7.0.5
  • 9.5.0.X before 9.5.0.6
  • 9.1.0.X before 9.1.0.4

After Citadelo reported these flaws to VMware on 1 April, the company patched them with a series of updates in versions 9.1.0.4, 9.5.0.6, 9.7.0.5 and 10.0.0.2. VMware has also provided a workaround to mitigate the risk of attacks exploiting these vulnerabilities.
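The first thing an administrator needs after reading an advisory like this is a quick way to tell which Cloud Director instances fall inside the affected branches and which fixed build each one should be moved to. The following script is an added example, not code from Citadelo, VMware or the original article: it encodes the affected branches and fixed builds quoted above and checks version strings against them. The inventory lines and hostnames are constructed sample data; the "hostname version" inventory format is an assumption for the example.

```python
"""
Added example (not from the article, Citadelo or VMware): triage helper that
checks VMware Cloud Director version strings against the affected branches
and fixed builds for CVE-2020-3956 as quoted in the article.
"""
from typing import List, NamedTuple, Optional, Tuple

Version = Tuple[int, ...]


class Branch(NamedTuple):
    prefix: Version  # affected branch, e.g. (10, 0) for "10.0.X"
    fixed: Version   # first build in that branch that carries the fix


# Affected branches and their fixed builds, as listed in the article.
AFFECTED_BRANCHES = [
    Branch((10, 0), (10, 0, 0, 2)),
    Branch((9, 7, 0), (9, 7, 0, 5)),
    Branch((9, 5, 0), (9, 5, 0, 6)),
    Branch((9, 1, 0), (9, 1, 0, 4)),
]


def parse_version(text: str) -> Version:
    """Parse a dotted version such as '9.7.0.3' into a tuple of ints.

    A trailing build suffix after a dash (e.g. '10.0.0.2-12345', a constructed
    example) is ignored; malformed input raises ValueError.
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def _pad(v: Version, length: int) -> Version:
    """Right-pad with zeros so '10.0' compares like '10.0.0.0'."""
    return v + (0,) * (length - len(v))


def assess(version_text: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_build) for one version string.

    status is one of:
      'vulnerable'  - in an affected branch and older than its fixed build
      'patched'     - in an affected branch at or above the fixed build
      'not-listed'  - branch not among those the article lists (e.g. 10.1.x);
                      check the vendor advisory rather than assuming it is safe
    """
    v = parse_version(version_text)
    for branch in AFFECTED_BRANCHES:
        if v[: len(branch.prefix)] == branch.prefix:
            fixed_str = ".".join(map(str, branch.fixed))
            width = max(len(v), len(branch.fixed))
            if _pad(v, width) < _pad(branch.fixed, width):
                return "vulnerable", fixed_str
            return "patched", fixed_str
    return "not-listed", None


def triage_inventory(lines: List[str]) -> List[Tuple[str, str, str, Optional[str]]]:
    """Assess each '<hostname> <version>' inventory line (assumed format).

    Blank lines and '#' comments are skipped. Returns
    (hostname, version, status, fixed_build) per host.
    """
    report = []
    for line in lines:
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        host, version = line.split()
        status, fixed = assess(version)
        report.append((host, version, status, fixed))
    return report


# Constructed sample inventory; hostnames and versions are made up for the example.
SAMPLE_INVENTORY = """
# hostname      vcd-version
vcd-prod-01     10.0.0.1
vcd-prod-02     10.0.0.2
vcd-lab-01      9.7.0.3
vcd-old-01      9.1.0.4
vcd-new-01      10.1.0
""".splitlines()


if __name__ == "__main__":
    for host, version, status, fixed in triage_inventory(SAMPLE_INVENTORY):
        action = f" -> update to {fixed}" if status == "vulnerable" else ""
        print(f"{host:12} {version:10} {status}{action}")
```

Note the 'not-listed' outcome: a branch that does not appear in the article's list (such as 10.1.x) is deliberately reported as unknown rather than safe, since the script only knows what the advisory excerpt states. The 'patched' result also only means the build is at or past the fixed version; whether VMware's workaround was applied on unpatched hosts is a separate check.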
