Critical VMware Cloud Director Bug Could Let Hackers Takeover Entire Cloud Infrastructure

Cloud computing and virtualization technology firm VMWare on
Thursday rolled out an update to resolve a critical security flaw
in its Cloud Director product that could be weaponized to launch
remote code execution attacks.

The issue, assigned the identifier
CVE-2022-22966, has a CVSS score of 9.1 out of a
maximum of 10. VMware credited security researcher Jari Jääskelä
with reporting the flaw.

“An authenticated, high privileged malicious actor with network
access to the VMware Cloud Director tenant or provider may be able
to exploit a remote code execution vulnerability to gain access to
the server,” VMware said^[1]
in an advisory.

As the leading cloud infrastructure management platform, VMware
Cloud Director (formerly vCloud Director) is used by many
well-known cloud providers to operate and manage their cloud
infrastructures. Half a million VMware customers use the software
to run the world’s complex digital infrastructure.

The vulnerability could, in other words, end up allowing
attackers to gain access to sensitive data and take over private
clouds within an entire infrastructure.

Affected versions include 10.1.x, 10.2.x, and 10.3.x, with fixes
available in versions 10.1.4.1, 10.2.2.3, and 10.3.3. The company
has also published workarounds^[2]
that can be followed when upgrading to a recommended version is not
an option.

The patches arrive a day after exploits^[3]
for another recently fixed critical flaw in VMware Workspace ONE
Access were detected in the wild.

The flaw (CVE-2022-22954^[4]) relates to a remote
code execution vulnerability that stems from server-side template
injection in VMware Workspace ONE Access and Identity Manager.

With VMware products often becoming a lucrative target for
threat actors, the update adds to the urgency for organizations to
apply necessary mitigations to prevent potential threats.