Plain Virtualization

A security advisory VMSA-2023-0024 has been release regarding VMware Tools. This compromises of two CVEs namely: CVE-2023-34057, CVE-2023-34058 which carries a CVSSv3 of 7.8 and 7.5 respectively. This mainly affect the host that is running on MacOS or Windows OS with specific VMware Tools version. Both of which are related to bypassing and gaining privilege access.  The one of MacOS might be least impacted since most customer only run MacOS in Fusion or Workstation. Do note and have them updated as the fixed version has been released.

If you are using Aria Operations for Networks, you might want to take note of this vulnerabilities and get it patch up as soon as possible. This carries a CVSSv3 rating up to 9.8 which is a very critical rating. It allows an attacker to be able to access and gain access to information from Aria Operations for Networks. Do check out the securities advisories for the fixed version and act accordingly.

VMware just release a security advisory,  VMSA-2022-0008 on VMware Carbon Black App Control with a rating for CVSSv3 of 9.1. This addresses two CVE, CVE-2022-22951 and CVE-2022-22952. Both CVEs are addressed via the release patch. As always, do apply them soonest.

Two security advisories was sent out on Tuesday 15th Feb. One affecting mainly virtualization platform such as ESXi, Workstation, Fusion and Cloud Foundation. While the other impacts NSX-V and Cloud Foundation that contain NSX-V. Both advisories contains vulnerabilities that has a CVSSv3 score of  more than 8. Except for one that is in the first advisory at time of writing. Check back to the advisories for the updated fix once available. The good news is all fixes are now available except pending for Cloud Foundation for CVE-2022-22945. Below is the security advisories which contain the respective CVE. VMSA-2022-0004 Use-after-free vulnerability in XHCI USB controller (CVE-2021-22040) - 8.4 Double-fetch vulnerability in UHCI USB controller (CVE-2021-22041) - 8.4 ESXi settingsd unauthorized access vulnerability (CVE-2021-22042) - 8.2 ESXi settingsd TOCTOU vulnerability (CVE-2021-22043) - 8.2 ESXi slow HTTP POST denial of service vulnerability (CVE-2021-22050) - 5.3 VMSA-2022-00...

A critical vulnerability has been announced by VMware in regards to vCenter Server found in version 6.5, 6.7 and 7.0. The security advisory can be found here . This is bearing a rating of CVSSv3 of 9.8. A list of FAQ is also release for any questions pertaining to this vulnerability. You can also join in the community discussion regarding to this vulnerability here . It is highly recommended to stay up to date by subscribing to the security advisories alerts. Note that this vulnerability consist of several parts. And each either affects all the version of vCenter Server or partial versions of it. It is highly critical and recommended to patch this immediately. As a user of VMware Cloud on AWS (VMC), great to receive notice that the vCenter Server has been addressed in regards to this vulnerability.

 After changing my role as previously mentioned, it has taken some time off my blogging time. Still I want to pen down some important things that one should be looking at. vExpert Application If you are looking to renew vExpert and missed the dateline earlier the year, or is not already a vExpert, the second half application is now open, check out my post and hope it helps. Sign up now till 9th July where it closes. VMworld 2021 Yes the registration for VMWorld 2021 has now open. Do sign up now to avoid disappointment. vCenter Vulnerability https://www.vmware.com/security/advisories/VMSA-2021-0010.html If you have not been getting notified, you should be worried whether or not your vCenter Server is internet facing. This is a very critical vulnerability as it has a CVSS score of 9.8/10. Make sure you get it patched. This is an issue affecting the way vSAN plugin validation and authentication with vCenter Server via vSphere Client (HTML5). vCenter Server version 6.5 and above are ...