VMware HCX Platform Vulnerable to SQL Injection Attacks


VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform.

The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, this issue is classified as having “Important” severity.

The vulnerability allows malicious authenticated users with non-administrator privileges to execute unauthorized remote code on the HCX manager by submitting specially crafted SQL queries.

– Advertisement –
SIEM as a Service

Impacted Products and Resolution

According to the Broadcom report, the vulnerability affects multiple versions of VMware HCX, specifically version 4.10.x, 4.9.x, and 4.8.x.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

VMware has promptly released patches to address this issue. Users are strongly advised to apply the updates listed in the “Fixed Version” column of the response matrix provided below:

VMware Product Version CVE CVSSv3 Severity Fixed Version
VMware HCX 4.10.x CVE-2024-38814 8.8 Important 4.10.1
VMware HCX 4.9.x CVE-2024-38814 8.8 Important 4.9.2
VMware HCX 4.8.x CVE-2024-38814 8.8 Important 4.8.3

No workarounds or additional documentation are available for this vulnerability, underscoring the urgency of users updating their systems immediately.

Acknowledgments and Recommendations

VMware has acknowledged Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam), working with Trend Micro Zero Day Initiative (ZDI), for responsibly reporting this vulnerability.

This collaboration highlights the importance of coordinated disclosure in maintaining cybersecurity.

Organizations using VMware HCX should prioritize updating their systems to fixed versions to mitigate potential exploitation risks.

Regularly reviewing security advisories and maintaining updated software versions are crucial to safeguarding against vulnerabilities such as CVE-2024-38814.

For further details, users can refer to VMware’s official advisory page and stay informed about any future updates or related security notices from VMware.

This incident reminds us of the ever-present threat landscape and the need for vigilance in cybersecurity practices across all sectors, using virtualized environments like VMware HCX.

How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)



Source link