[SECURITY-L] VMware NSX Data Center for vSphere update addresses CLI shell injection
CSIRT Unicamp
security em unicamp.br
Sexta Fevereiro 18 10:37:22 -03 2022
Advisory ID: VMSA-2022-0005
CVSSv3 Range: 8.8
Issue Date: 2022-02-15
Updated On: 2022-02-15 (Initial Advisory)
CVE(s): CVE-2022-22945
Synopsis: VMware NSX Data Center for vSphere update addresses CLI shell
injection vulnerability (CVE-2022-22945)
*1. Impacted Products*
- VMware NSX Data Center for vSphere (NSX-V)
- VMware Cloud Foundation (Cloud Foundation)
*2. Introduction*
A CLI shell injection vulnerability affecting VMware NSX Data Center for
vSphere was privately reported to VMware. Updates are available to address
this vulnerability in affected VMware products.
*3. VMware NSX Data Center for vSphere update addresses CLI shell injection
vulnerability (CVE-2022-22945)*
*Description*
VMware NSX Data Center for vSphere contains a CLI shell injection
vulnerability in the NSX Edge appliance component. VMware has evaluated the
severity of this issue to be in the Important severity range
<https://www.vmware.com/support/policies/security_response.html> with a
maximum CVSSv3 base score of 8.8
<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H>
.
*Known Attack Vectors*
A malicious actor with SSH access to an NSX-Edge appliance (NSX-V) can
execute arbitrary commands on the operating system as root.
*Resolution*
To remediate CVE-2022-22945 apply the patches listed in the 'Fixed Version'
column of the 'Response Matrix' below.
*Workarounds*
None
*Additional Documentation*
None
*Notes*
None
*Acknowledgements*
VMware would like to thank Dimitri Di Cristofaro (@d_glenx) and Przemek
Reszke (@kolokokop) from SECFORCE LTD for reporting this issue to us.
*Response Matrix*
Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version
Workarounds Additional Documentation
NSX Data Center for vSphere
Any
Any
CVE-2022-22945
8.8
<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H>
important
6.4.13
<https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/rn/VMware-NSX-Data-Center-for-vSphere-6413-Release-Notes.html>
None
None
*Impacted Product Suites that Deploy Response Matrix Components:*
Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version
Workarounds Additional Documentation
Cloud Foundation (NSX-V)
3.x
Any
CVE-2022-22945
8.8
<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H>
important
Patch Pending
None
None
*4. References*
Fixed Version(s) and Release Notes:
NSX Data Center for vSphere 6.4.13
Downloads and Documentation:
https://customerconnect.vmware.com/en/downloads/details?downloadGroup=NSXV_6413&productId=417&rPId=84646
https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/rn/VMware-NSX-Data-Center-for-vSphere-6413-Release-Notes.html
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22945
FIRST CVSSv3 Calculator:
CVE-2022-22945 -
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
*5. Change Log*
2022-02-15: VMSA-2022-0005
Initial security advisory.
*6. Contact*
E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce em lists.vmware.com <security-announce em lists.vmware.com>
E-mail: security em vmware.com
PGP key at:
https://kb.vmware.com/kb/1055 <https://kb.vmware.com/kb/1055>
VMware Security Advisories
https://www.vmware.com/security/advisories
<https://www.vmware.com/security/advisories>
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
<https://www.vmware.com/support/policies/security_response.html>
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
<https://www.vmware.com/support/policies/lifecycle.html>
VMware Security & Compliance Blog
https://blogs.vmware.com/security <https://blogs.vmware.com/security>
Twitter
https://twitter.com/VMwareSRC
Copyright 2022 VMware Inc. All rights reserved.
===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20220218/966e71c8/attachment.html>
Mais detalhes sobre a lista de discussão SECURITY-L