CVE-2022-22966 An authenticated, high-privileged malicious actor with network access to a VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.

CVE-2022-22966 An authenticated, high-privileged malicious actor with network access to a VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.

To mitigate the risk of a compromised server, it is recommended that only trusted, internal users be assigned root privileges, and that users adhere to the recommendations outlined in the Security Best Practices for VMware Cloud on AWS documentation. vSphere users can further limit the risk of a compromised server by disabling remote root access and SSH. vSphere also allows for the use of a password-protected VNC server to access the server, should the need for root access arise. For more information on how to secure your vSphere deployment, see the vSphere documentation.

Verify the Correct Installation of Updates

It is important that vSphere be regularly updated, as the default installation is often not up to date. For example, the current release of vSphere 6.5 is the 10th update in the series. In addition, many security patches are released for vSphere 6.0 and 6.5 simultaneously, so it is critical that these patches are applied to ensure a secure environment.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe