747 matches found

ThreatPost
added 2022/01/18 7:33 p.m. | 43 views

Cybercriminals Actively Target VMware vSphere with Cryptominers

Organizations running sophisticated virtual networks with VMware’s vSphere service are actively being targeted by cryptojackers, who have figured out how to inject the XMRig commercial cryptominer into the environment, undetected. Uptycs’ Siddharth Sharma has released research showing threat acto...

7.9 AI score
Exploits: 0 | References: 10

VMware
added 2021/12/10 12:0 a.m. | 152 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3 CVSS | 0.4 AI score | 0.99999 EPSS
Exploits: 349 | References: 4 | Affected Software: 55

BDU FSTEC
added 2021/12/07 12:0 a.m. | 2 views

The vulnerability of the vSphere Web Client (FLEX/Flash) component, which manages virtual infrastructure, affects both VMware vCenter Server and VMware Cloud Foundation. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the vSphere Web Client’s FLEX/Flash component, which is used for managing virtual infrastructure such as VMware vCenter Server and VMware Cloud Foundation, stems from deficiencies in path name checking for access to restricted directories. Exploiting this vulnerability could...

7.8 CVSS | 7.7 AI score | 0.04601 EPSS
Exploits: 2 | References: 4 | Affected Software: 1

BDU FSTEC
added 2021/12/07 12:0 a.m. | 3 views

The vulnerability of the vSphere Web Client (FLEX/Flash) component, which manages virtual infrastructure, affects both VMware vCenter Server and VMware Cloud Foundation. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the vSphere Web Client FLEX/Flash component related to VMware vCenter Server and VMware Cloud Foundation management tools is due to insufficient validation of incoming requests. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

6.5 CVSS | 7.7 AI score | 0.01673 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Tenable Nessus
added 2021/12/02 12:0 a.m. | 207 views

VMware vCenter Server 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2021-0027)

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5 U3r or 6.7 prior to 6.7 U3p. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in the vSphere web client. An unauthenticated, remote attacker can exploit this,...

9.8 CVSS | 8.7 AI score | 0.04601 EPSS
Exploits: 2 | References: 3

The Hacker News
added 2021/11/25 5:9 a.m. | 43 views

VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client

VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Track...

7.5 CVSS | 9 AI score | 0.04601 EPSS
Exploits: 2

OSV
added 2021/11/24 5:15 p.m. | 3 views

CVE-2021-21980

The vSphere Web Client FLEX/Flash contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information...

7.5 CVSS | 7.5 AI score
Exploits: 0 | References: 1

OSV
added 2021/11/24 5:15 p.m. | 3 views

CVE-2021-22049

The vSphere Web Client FLEX/Flash contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...

9.8 CVSS | 5.8 AI score | 0.01673 EPSS
Exploits: 0 | References: 1

NVD
added 2021/11/24 5:15 p.m. | 26 views

CVE-2021-22049

The vSphere Web Client FLEX/Flash contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...

9.8 CVSS | 0.01673 EPSS
Exploits: 0 | References: 1

NVD
added 2021/11/24 5:15 p.m. | 27 views

CVE-2021-21980

The vSphere Web Client FLEX/Flash contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information...

7.5 CVSS | 0.04601 EPSS
Exploits: 2 | References: 1

Prion
added 2021/11/24 5:15 p.m. | 25 views

Design/Logic Flaw

The vSphere Web Client FLEX/Flash contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information...

5 CVSS | 8.1 AI score | 0.04601 EPSS
Exploits: 2 | References: 1 | Affected Software: 2

Prion
added 2021/11/24 5:15 p.m. | 28 views

Server side request forgery (SSRF)

The vSphere Web Client FLEX/Flash contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...

7.5 CVSS | 9.3 AI score | 0.01673 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2021/11/24 4:32 p.m. | 183 views

CVE-2021-22049

CVE-2021-22049 is an SSRF flaw in the vSAN Web Client (vSAN UI) plug‑in of vSphere Web Client. Exploitation requires network access to port 443 on vCenter Server to trigger a URL request outside or to internal services. Connected sources confirm this affects VMware vCenter Server and describe the...

9.8 CVSS | 9.2 AI score | 0.01673 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/11/24 4:32 p.m. | 23 views

CVE-2021-22049

The vSphere Web Client FLEX/Flash contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an...

9.6 AI score | 0.01673 EPSS
Exploits: 0 | References: 1

CVE
added 2021/11/24 4:32 p.m. | 190 views

CVE-2021-21980

CVE-2021-21980 affects the vSphere Web Client (FLEX/Flash) in VMware vCenter Server, enabling an unauthorized arbitrary file read via network access to port 443. Public documentation confirms path traversal/vfile-read behavior with high impact (CVE-2021-21980; CVSSv3.1 base 7.5). Affected product...

7.5 CVSS | 8.6 AI score | 0.04601 EPSS
Exploits: 2 | References: 1 | Affected Software: 2

Cvelist
added 2021/11/24 4:32 p.m. | 30 views

CVE-2021-21980

The vSphere Web Client FLEX/Flash contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information...

8 AI score | 0.04601 EPSS
Exploits: 2 | References: 1

VMware
added 2021/11/23 12:0 a.m. | 40 views

VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities (CVE-2021-21980, CVE-2021-22049)

3a. vCenter Server updates address arbitrary file read vulnerability in the vSphere Web Client CVE-2021-21980 The vSphere Web Client FLEX/Flash contains an unauthorized arbitrary file read vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a...

7.5 CVSS | 8.6 AI score | 0.04601 EPSS
Exploits: 2 | References: 9 | Affected Software: 2

VMware
added 2021/11/21 12:0 a.m. | 111 views

VMSA-2021-0027: VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities

Advisory ID: VMSA-2021-0027.1 | CVSSv3 Range: 6.5-7.5 | Issue Date: 2021-11-23 | Updated On: 2022-02-15 | CVEs: CVE-2021-21980, CVE-2021-22049 | Synopsis: VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities (CVE-2021-21980, CVE-2021-22049)...

9.8 CVSS | 9.2 AI score | 0.04601 EPSS
Exploits: 2 | References: 23 | Affected Software: 2

CISA KEV Catalog
added 2021/11/03 12:0 a.m. | 29 views

VMware vCenter Server Remote Code Execution Vulnerability

VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system...

10 CVSS | 9.6 AI score | 0.9957 EPSS
In wild | Exploits: 47

BDU FSTEC
added 2021/10/08 12:0 a.m. | 1 views

The vulnerability of the VMware vSphere Life-cycle Manager module, a management tool for virtual infrastructure, allows a hacker to delete arbitrary files. This vulnerability exists in the VMware vCenter Server virtualization platform and the VMware Cloud Foundation.

The vulnerability of the VMware vSphere Life-cycle Manager, a management tool for virtual infrastructure, related to VMware vCenter Server and VMware Cloud Foundation virtualization platforms, is associated with privilege management errors. Exploiting this vulnerability could allow an attacker to...

6.5 CVSS | 7.2 AI score | 0.01053 EPSS
Exploits: 0 | References: 3 | Affected Software: 1