Headline
Vulnerability Spotlight: Denial-of-service vulnerability discovered in VMWare vCenter
Marcin ‘Icewall’ Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a denial-of-service vulnerability in VMWare vCenter Server. VMware vCenter Server is a platform that enables centralized control and monitoring over all virtual machines and EXSi hypervisors included in vSphere. TALOS-2022-1588 (CVE-2022-31698) concerns a pre-authentication denial-of-service
Tuesday, December 13, 2022 11:12
Marcin ‘Icewall’ Noga of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered a denial-of-service vulnerability in VMWare vCenter Server.
VMware vCenter Server is a platform that enables centralized control and monitoring over all virtual machines and EXSi hypervisors included in vSphere.
TALOS-2022-1588 (CVE-2022-31698) concerns a pre-authentication denial-of-service vulnerability in a handler of the content library. A specially crafted HTTP header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
Cisco Talos worked with VMWare to ensure that this issue is resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.
Users are encouraged to update the affected product as soon as possible: VMware vCenter Server 6.5 Update 3t. Talos tested and confirmed this version of VMWare could be exploited by this vulnerability.
The following Snort rule will detect exploitation attempts against this vulnerability: 60408. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Related news
Categories: News Categories: Ransomware Tags: ESXi Tags: ESXiArgs Tags: encryption routine The ransomware group behind the massive attack on ESXi Virtual Machines has come up with a new variant that can no longer be decrypted with the existing recovery script (Read more...) The post New ESXiArgs encryption routine outmaneuvers recovery methods appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: VMware Tags: ESXi Tags: Nevada Tags: ransomware Tags: Linux Tags: CVE-2021-21974 Over the weekend, several CERTs warned about ongoing ransomware attacks against unpatched VMware ESXi virtual machines. (Read more...) The post Two year old vulnerability used in ransomware attack against VMware ESXi appeared first on Malwarebytes Labs.
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.