Security News > 2020 > June > VMware Cloud Director vulnerability enables a full cloud infrastructure takeover
A code injection vulnerability affecting VMware vCloud Director could be exploited to take over the infrastructure of cloud services, Citadelo researchers have discovered.
VMware Cloud Director is a cloud service delivery platform used by public and private cloud providers to operate and manage cloud infrastructure.
CVE-2020-3956 was discovered by Citadelo penetration testers during a security audit of a customer's VMWare Cloud Director-based cloud infrastructure.
"An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access," VMware explained in a security advisory published on May 19, after the company finished releasing patches for several versions of vCloud Director.
VMware Cloud Director v10.1.0 and vCloud Director versions 9.0.x and 8.x are not affected by the flaw.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1d8nWK-i3mA/
Related news
- AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks (source)
- Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability (source)
- VMware patches remote make-me-root holes in vCenter Server, Cloud Foundation (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- AWS Cloud Development Kit flaw exposed accounts to full takeover (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-20 | CVE-2020-3956 | Expression Language Injection vulnerability in VMWare Vcloud Director VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. | 6.5 |