Bug in VMware Cloud Director could allow hackers to takeover entire cloud infrastructure

VMWare, a leader in cloud computing and virtualization, rolled out an update on Thursday that addresses a critical security hole in its Cloud Director product that could be weaponized to launch remote code execution attacks.

A CVSS score of 9.1 out of 10 has been assigned to the vulnerability, which has the identifier CVE-2022-22966.The vulnerability was reported by security researcher Jari Jääskelä.

VMware said in the advisory that a high-privileged hacker with network access to VMware Cloud Director could exploit a remote code execution vulnerability to gain access to the server.

“An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server,” VMware said in an advisory.

VMware Cloud Director, formerly known as vCloud Director, is used by many well-known cloud providers to operate and manage their cloud infrastructures and gain visibility into datacenters across sites and geographies.

The vulnerability could, in other words, end up allowing attackers to gain access to sensitive data and take over private clouds within an entire infrastructure.

Affected versions include 10.1.x, 10.2.x, and 10.3.x, with fixes available in versions,, and 10.3.3. The company has also published workarounds that can be followed when upgrading to a recommended version is not an option.

The patches arrive a day after exploits for another recently fixed critical flaw in VMware Workspace ONE Access were detected in the wild.

The flaw (CVE-2022-22954) relates to a remote code execution vulnerability that stems from server-side template injection in VMware Workspace ONE Access and Identity Manager.

With VMware products often becoming a lucrative target for threat actors, the update adds to the urgency for organizations to apply necessary mitigations to prevent potential threats.

Some sections of this post are sourced from: thehackernews.com

Add a Comment

Your email address will not be published. Required fields are marked *