Positive Technologies Finds Dangerous Vulnerability in VMware vRealize Cloud Tool

This vulnerability is ranked as critical because a cybercriminal could take full control of the server.

Edward Gately, Senior News Editor

May 17, 2021

2 Min Read
Security Vulnerability
Shutterstock

Positive Technologies has uncovered a dangerous vulnerability in VMware vRealize Business for Cloud, and is asking organizations to install fixes ASAP.

VMWare designed vRealize Business for Cloud for cloud cost analysis. It helps organizations visualize and plan expenses and compare business indicators. VMware patched the flaw and published a security advisory.

Egor Dimitrenko is a Positive Technologies researcher. He discovered the vulnerability and said it’s ranked as critical. That’s because it allows an unauthenticated criminal to take full control of the server and attack the organization’s infrastructure.

“That’s why it is very important to install the fixes provided by the vendor asap,” he said.

Due to the incorrect configuration of the application, an unidentified attacker could gain access to the built-in update mechanism, Dimitrenko said. This function allows them to execute arbitrary commands on the server by exploiting the legitimate mechanism for installing new versions of the product.

Insufficient testing of new functionality at the time of release caused the flaws, he said.

More Severe than Previous VMware Vulnerability

“This vulnerability is more severe than our finding in VMware vSphere Replication,” Dimitrenko said. “That’s because no permission is required to perform an attack for the latest flaw. But VMware vRealize Business for Cloud isn’t found as frequently on the internet as VMware vCenter. We previously discovered a vulnerability affecting this product that would allow attackers to execute arbitrary commands, compromise the vCenter Server, and gain access to sensitive data.”

To fix the vulnerability, businesses should follow the recommendations from VMware‘s official notice. If organizations can’t install the update, they can detect signs of penetration. They can do with a security information and event management (SIEM) solution.

SIEM helps identify suspicious behavior on the server and register an incident. It also prevent intruders from moving laterally within the corporate network.

Earlier this month, Positive Technologies identified new vulnerabilities in Cisco firewalls that could cause denial of service and block access to corporate networks. The two vulnerabilities are in the Adaptive Security Appliance and Firepower Threat Defense within Cisco hardware firewalls. Cisco has patched both.

Read more about:

MSPsVARs/SIs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like