Headline
VMware Security Advisory 2022-0018
VMware Security Advisory 2022-0018 - VMware vCenter Server updates address a server-side request forgery vulnerability.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256VMSA-2022-0018 - VMware vCenter Server updates address a server-siderequest forgery vulnerability (CVE-2022-22982)Please see the advisory here:https://www.vmware.com/security/advisories/VMSA-2022-0018.htmlImpacted Products:VMware vCenter Server (vCenter Server)VMware Cloud Foundation (Cloud Foundation)You are receiving this alert because you are subscribed to the VMwareSecurity Announcements mailing list. To modify your subscription orunsubscribe please visithttps://lists.vmware.com/mailman/listinfo/security-announce.-----BEGIN PGP SIGNATURE-----Version: Encryption Desktop 10.4.2 (Build 1298)Charset: utf-8wlcDBQFizaSpkn/yQ99+VXERCLs9AP46BD/HVnf+SOGAK/4PEO8CFvxURiIrNSwWsP8lrPMKgAEA7X2klsu/HlQSLtfuqXy26uv3HRIqLfti5mmtuKT60KM==rvrI-----END PGP SIGNATURE-----Related news
CVE-2022-22982: VMSA-2022-0018
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.