VMware NSX Vulnerabilities Allow Hackers To Execute Arbitrary Commands

   October 10, 2024  Posted in CyberSecurityNews


VMware has issued a critical advisory (VMSA-2024-0020) detailing multiple vulnerabilities in its NSX and Cloud Foundation products.

These vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, could potentially allow malicious actors to execute arbitrary commands, escalate privileges, and conduct content spoofing attacks.

EHA

  • VMware NSX
  • VMware Cloud Foundation

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Vulnerability Details

1. Command Injection Vulnerability (CVE-2024-38817)

VMware NSX contains a command injection vulnerability that allows a malicious actor with access to the NSX Edge CLI terminal to execute arbitrary commands on the operating system as root.

This vulnerability has been rated as Moderate with a CVSSv3 base score of 6.7.

2. Local Privilege Escalation Vulnerability (CVE-2024-38818)

VMware NSX also contains a local privilege escalation vulnerability, which could allow an authenticated malicious actor to obtain permissions from a group role that is separate from what was previously assigned.

This vulnerability has also been rated as Moderate with a CVSSv3 base score of 6.7.

3. Content Spoofing Vulnerability (CVE-2024-38815)

Furthermore, VMware NSX contains a content spoofing vulnerability that could allow an unauthenticated malicious actor to craft a URL and redirect a victim to an attacker-controlled domain, leading to sensitive information disclosure.

This vulnerability has been rated as Moderate with a CVSSv3 base score of 4.327.

It is recommended that organizations check for the current version of VMware NSX installed in their environment. This can be done by logging into the NSX Manager web interface and checking the version information.

To remediate these vulnerabilities, users are advised to update to the versions listed in the ‘Fixed Version’ column of the ‘Response Matrix’ provided by VMware. No workarounds are available for these vulnerabilities.

VMware has thanked several researchers for responsibly reporting these issues, including n3k from TIANGONG Team of Legendsec at QI-ANXIN Group, Allan Pinto and Kumaran Ravichandran of Westpac Banking Corporation, Benjamin Johns of IQ Consult, and Aymane CHAKI of Excellium Cyber Solutions by Thales.

Strategies to Protect Websites & APIs from Malware Attack => Free Webinar



Source link