Thursday 4 January 2018

VMware Issues 3 Critical Patches for vSphere Data Protection

VMware, a subsidiary of Dell Technologies, released several patches on Tuesday to address critical vulnerabilities that affect its vSphere virtualization platform in the cloud.

The patches resolve three vulnerabilities in VMware's vSphere Data Protection (VDP), a backup and recovery solution used with its vSphere platform. According to the company, a remote attacker could exploit the vulnerabilities and take control of the affected systems.

Each of the vulnerabilities (CVE-2017-15548, CVE-2017-15549, CVE-2017-15550) is considered critical. VDP versions 6.1.x, 6.0.x and 5.x running on VMware virtual appliances are affected. The company said there are no workarounds available.

vSphere Data Protection is a backup solution for use in vSphere environments, and generally runs in tandem with VMware vCenter Server and vSphere Web Client.

The VMware Security Advisory describes one of the vulnerabilities (CVE-2017-15548) as a VDP authentication bypass vulnerability. According to the company, the vulnerability allows an "unauthenticated remote malicious user to potentially avoid authentication of the application and obtain unauthorized root access to the affected systems."

A second vulnerability, a VDP file upload vulnerability (CVE-2017-15549), allows a "remote authenticated malicious user with low privileges (to) upload arbitrarily created files in a malicious manner to any location in the server's file system."

Finally, CVE-2017-15550 is a path traversal vulnerability that allows a "remote authenticated malicious user with low privileges (to) access arbitrary files in the server's file system in the context of the vulnerable application in execution."

According to VMware, patches are available for each of the vulnerabilities through updates to each of the affected versions of vSphere Data Protection. VMware did not go into detail about the vulnerabilities.

Last year, VMware patched several vulnerabilities in its vSphere Data Protection solution, including a Java deserialization problem and a second VDP vulnerability related to the way it stores credentials.
