26 C
Jaipur
Monday, October 26, 2020

A Bug VMware Cloud Director Let Hackers Compromise Corporate Servers

Must read

IIT-H researcher develops nanofibrous bags for seed storage – Latest News

A researcher from the Indian Institute of Technology, Hyderabad (IIT-H) has developed encapsulated electrospun polyurethane (PU) nanofibrous bags to prevent seed storage losses. Professor Chandra...

7 Free Horror Movie Websites For Legal Streaming In 2020

Horror movies tend to engage the audience in a manner that other movie genres don’t. They scare the audience, raise their goosebumps, and can...

Smartphones: Motorists with smartphones could help highway chiefs maintain road quality: Study – Latest News

Motorists with smartphones could help highway chiefs maintain road quality by sending "crowdsourced" data from their mobiles that would allow engineers to assess when...

taipa: TAIPA calls for implementation of network roll out rules notified 3 years ago – Latest News

Telecom infrastructure industry body TAIPA on Monday reiterated its demand to implement network roll out rules, notified three years ago, in all states to...

Recently, a group of security researchers at Citadelo has revealed a new vulnerability in VMware Cloud Director, a leading cloud service-delivery platform that could potentially allow an attacker to access sensitive data and control private clouds within the infrastructure.

The security researchers have marked the flaw as ‘CVE-2020-3956‘, even they have also claimed that the flaw is a classic code injection that results in malicious injection or introduction of code.

This security flaw could be abused by the attackers to send malicious traffic to the Cloud Director, ultimately leading to the execution of arbitrary code, as we hinted earlier. 

Moreover, this security flaw was rated 8.8 out of 10 on the CVSSV3 vulnerability severity scale, making it a dangerous flaw unveiled by the security researchers.

VMware Cloud Director is a popular distribution platform that is used to manage and organize resources in the cloud, allowing firms to access data centers distributed in different geo-locations.

In short, the hackers can use this vulnerability to execute code execution attacks and technically take over all private clouds linked to the provided infrastructure.

The security company, Citadelo discovered this vulnerability on April 1, after conducting a security audit for a customer.

But, this tool is used by several companies around the world, and the urgency to solve the problem was introduced. 

This security flaw affects the VMware Cloud Director in versions 10.1.0 and earlier, as well as vCloud Director 8x – 10x in Linux configurations and PhotonOS devices. Apart from this, this flaw could be exploited through HTML5, Flex-based UIs, the API Explorer interface, and API access.

Who is affected?

  • Public cloud providers using VMware vCloud Director.
  • Private cloud providers using VMware vCloud Director
  • Enterprises using VMware vCloud Director technology
  • Any government identity using VMware Cloud Director.

Exploitation

This security flaw allows the attackers to do the following things that we have mentioned below:-

  • Allow viewing all the crucial contents of the system’s internal database.
  • Allow modifying the system database to access the virtual machines (VMs) assigned to different organizations.
  • Allow escalating the privileges from Organization Administrator to System Administrator with access to all cloud accounts.
  • Allow changing the Cloud Director login page.
  • Allow accessing other sensitive data like the customers’ full names, email addresses, and IP addresses.

By using the code injection vulnerabilities, attackers can view the confidential data of internal databases, like the password hashes that are given to the customers of the information system.

However, after these discoveries, the security researchers have directly communicated their results to VMware, and the company quickly responded to fix the security holes in a series of updates in versions ‘9.1.0.4,’ ‘9.5.0.6,’ ‘9.7.0.5,’ and ‘10.0. 0.2.’

So, the organizations that have not yet applied this fix are still vulnerable to this flaw.

So, what do you think about this? Share all your views and thoughts in the comment section below.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read:

SaltStack Salt Critical Bug Affects Thousands of Datacenters and Cloud Environments

Cloud Computing Penetration Testing Checklist & Important Considerations

How to Choose a Cloud Services Provider With Best Security considerations

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

IIT-H researcher develops nanofibrous bags for seed storage – Latest News

A researcher from the Indian Institute of Technology, Hyderabad (IIT-H) has developed encapsulated electrospun polyurethane (PU) nanofibrous bags to prevent seed storage losses. Professor Chandra...

7 Free Horror Movie Websites For Legal Streaming In 2020

Horror movies tend to engage the audience in a manner that other movie genres don’t. They scare the audience, raise their goosebumps, and can...

Smartphones: Motorists with smartphones could help highway chiefs maintain road quality: Study – Latest News

Motorists with smartphones could help highway chiefs maintain road quality by sending "crowdsourced" data from their mobiles that would allow engineers to assess when...

taipa: TAIPA calls for implementation of network roll out rules notified 3 years ago – Latest News

Telecom infrastructure industry body TAIPA on Monday reiterated its demand to implement network roll out rules, notified three years ago, in all states to...

trai: Telcos flag E and V bands, floor price, other issues at meeting with new Trai chief Vaghela – Latest News

Telcos, under the aegis of COAI, have jointly pitched for spectrum allocation in E and V bands only through an auction and urged the...