Severity Rating: HIGH
Software Affected
VMware ESXi version prior to 8.0
VMware vCenter Server versions prior to 8.0
VMware Cloud Foundation (vCenter Server) version 4.x and prior
VMware Cloud Foundation (ESXi) version 4.x and prior
Overview
Multiple
vulnerabilities have been reported in VMware ESXi and vCenter Server
which could allow an attacker to trigger memory corruption, disclose
sensitive information and cause denial of service condition on the
targeted system.
Description
1. VMware ESXi memory corruption vulnerability ( CVE-2022-31696 )
This
vulnerability exists in VMware ESXi due to a boundary error in the way
network socket are handled. A local attacker with access to ESXi could
exploit this vulnerability to trigger memory corruption and execute
arbitrary code with elevated privileges on the targeted system.
2. VMware vCenter Server information disclosure vulnerability ( CVE-2022-31697 )
This
vulnerability exists in VMware vCenter server due to the logging of
credentials in plain text. A local attacker with access to a workstation
that invoked a vCenter Server Appliance ISO operation could exploit
this vulnerability to disclose sensitive information on the targeted
system.
3. VMware vCenter Server denial of service vulnerability ( CVE-2022-31698 )
This
vulnerability exists in VMware vCenter Server due to insufficient
validation of user-supplied input in the content library service when
handling HTTP headers. A remote attacker could exploit this
vulnerability by sending a specially crafted HTTP request to port
443/tcp. Successful exploitation of this vulnerability could allow a
remote attacker to cause a denial of service (DoS) condition on the
targeted system.
4. VMware ESXi OpenSLP heap overflow vulnerability ( CVE-2022-31699 )
This
vulnerability exists in VMware ESXi due to a boundary error in OpenSLP.
A local attacker with restricted privileges within a sandbox process
could exploit this vulnerability to trigger a heap overflow and gain
access to sensitive information on the targeted system.
Solution
Apply appropriate updates as mentioned by the vendor:
Vendor Information
VMware
References
VMware
CVE Name
CVE-2022-31696
CVE-2022-31697
CVE-2022-31698
CVE-2022-31699
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.