Introduction

A vulnerability has been discovered in VMware vCenter Server, which could result in remote code execution. VMware vCenter Server is a centralized management utility for VMware and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. An attacker could exploit this vulnerability to trigger sensitive information disclosure on the targeted system or the user’s running application.

System / Technologies affected

  • VMware vCenter Server Version 7

  • VMware vCenter Server Version 6.7

  • VMware vCenter Server Version 6.5

  • VMware Cloud Foundation (vCenter Server) Version 4

  • VMware Cloud Foundation (vCenter Server) Version 3

RISK:

Government:
Large and medium government entities: HIGH
Small government: MEDIUM

Businesses:
Large and medium business entities: HIGH
Small business entities: MEDIUM

Home Users: LOW

Recommendations and Solutions

We recommend the following actions be taken:

  • Verify that the host has not been compromised before applying patches.

  • Apply appropriate updates provided by VMware to vulnerable systems immediately after appropriate testing.

  • Restrict network access to TCP port 443 to authorized hosts, or make it accessible only through a VPN.

  • Run all software as a non-privileged user.

  • Remind users not to visit untrusted websites or follow links provided by untrusted sources.

Before installation of the software, please visit the vendor website for more details.
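
To check that the TCP port 443 restriction recommended above is actually in effect, firewall logs can be audited for accepted connections to vCenter from sources outside the management allowlist. The following is an added example, not part of the original advisory or any VMware tooling; the vCenter address, the allowlisted networks and the key=value log format are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumptions (not from the advisory): the vCenter address, the management
# allowlist and the key=value firewall log format below are all constructed.
VCENTER_IP = ipaddress.ip_address("10.0.0.10")
AUTHORIZED_NETS = [ipaddress.ip_network(n) for n in ("10.0.5.0/28", "10.8.0.0/24")]

# Constructed sample log lines.
SAMPLE_LOG = """\
2024-01-01T10:00:01Z ACCEPT proto=tcp src=10.0.5.4 dst=10.0.0.10 dport=443
2024-01-01T10:00:07Z ACCEPT proto=tcp src=192.168.40.77 dst=10.0.0.10 dport=443
2024-01-01T10:00:09Z DROP proto=tcp src=203.0.113.9 dst=10.0.0.10 dport=443
2024-01-01T10:01:15Z ACCEPT proto=tcp src=192.168.40.77 dst=10.0.0.10 dport=443
2024-01-01T10:02:30Z ACCEPT proto=tcp src=10.8.0.23 dst=10.0.0.10 dport=443
2024-01-01T10:02:31Z ACCEPT proto=tcp src=10.0.5.200 dst=10.0.0.10 dport=443
2024-01-01T10:03:00Z ACCEPT proto=tcp src=192.168.40.77 dst=10.0.0.11 dport=443
garbled line without fields
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DROP) proto=tcp "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)

def unauthorized_sources(log_text, vcenter=VCENTER_IP, allowed=AUTHORIZED_NETS):
    """Count ACCEPTed TCP/443 connections to vCenter from non-allowlisted sources."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["action"] != "ACCEPT" or m["dport"] != "443":
            continue  # unparseable, dropped by the firewall, or another port
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # skip malformed addresses
        if dst != vcenter:
            continue
        if not any(src in net for net in allowed):
            hits[str(src)] += 1
    return dict(hits)

if __name__ == "__main__":
    for src, count in sorted(unauthorized_sources(SAMPLE_LOG).items()):
        print(f"{src}: {count} accepted connection(s) to vCenter:443 outside the allowlist")
```

Any source reported here indicates a gap in the access restriction; the same list is a starting point when verifying that the host has not been compromised before patching.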
