Advertisement
Top
image credit: Adobe Stock

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform

October 26, 2022

Via: The Hacker News
Category:

VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product.

Tracked as CVE-2021-39144, the issue has been rated 9.8 out of 10 on the CVSS vulnerability scoring system, and relates to a remote code execution vulnerability via XStream open source library.

“Due to an unauthenticated endpoint that leverages XStream for input serialization in VMware Cloud Foundation (NSX-V), a malicious actor can get remote code execution in the context of ‘root’ on the appliance,” the company said in an advisory.

Read More on The Hacker News

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Latest Publications

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People
The Los Angeles County Department of Health Services disclosed a data breach
Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!