Three days ago, VMware issued patches fixing multiple critical security vulnerabilities in several of its products. The affected tools include VMware Workspace One Access, VMware Cloud Foundation, and multiple vRealize tools.
The affected programs are mostly software for remote access, hybrid cloud creation, and cloud management and monitoring. In other words, they are VMware's enterprise solutions for large-scale operations.
One vulnerability allowed attackers to reach the service on port 443, tamper with the Host header, and cause the server to send out a request. Attackers could potentially reach certain server endpoints without authentication, which could expose a range of protected data.
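The defensive counterpart to the Host header tampering described above is a strict allowlist check on the header before any server-side request is built. The following is an added illustration, not VMware's code or a description of its fix; the allowlist, expected port and sample headers are constructed for the example.

```python
import ipaddress
from typing import FrozenSet, Optional, Tuple

# Constructed allowlist: the only names this service should ever be addressed by.
ALLOWED_HOSTS: FrozenSet[str] = frozenset({"access.example.internal", "10.0.0.5"})


def parse_host_header(raw: str) -> Optional[Tuple[str, Optional[int]]]:
    """Split a Host header into (hostname, port).

    Returns None unless the value is a single host[:port] token; anything with
    whitespace, a path, userinfo or a malformed port is rejected outright so it
    can never be pasted into an outbound URL.
    """
    value = raw.strip()
    if not value or any(c.isspace() for c in value) or "/" in value or "@" in value:
        return None
    if value.startswith("["):  # IPv6 literal: [addr] or [addr]:port
        end = value.find("]")
        if end == -1:
            return None
        host, rest = value[1:end], value[end + 1:]
        try:
            ipaddress.IPv6Address(host)
        except ValueError:
            return None
    else:
        host, sep, rest = value.partition(":")
        rest = sep + rest
        if not host:
            return None
    port: Optional[int] = None
    if rest:  # only ":<digits>" may follow the host
        if not rest.startswith(":") or not rest[1:].isdigit():
            return None
        port = int(rest[1:])
        if not 0 < port < 65536:
            return None
    # Case and a trailing dot are not significant in DNS names.
    return host.lower().rstrip("."), port


def host_header_allowed(raw: str, allowed: FrozenSet[str] = ALLOWED_HOSTS,
                        expected_port: int = 443) -> bool:
    """True only if the Host header names an allowlisted host on the expected port."""
    parsed = parse_host_header(raw)
    if parsed is None:
        return False
    host, port = parsed
    if port is not None and port != expected_port:
        return False
    return host in {h.lower().rstrip(".") for h in allowed}
```

Any request whose Host header fails this check should be refused before the value is used to build a URL, sign a link or pick a backend.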
VMware Workspace One Access and Identity Manager also received a patch to protect port 7443.
Before the patch, the port could be targeted with brute-force attacks to log into a specific machine if its login credentials were weak. Although less likely to cause a problem in well-managed systems, the issue could present a rather nasty opportunity for determined attackers.
If you run any of the mentioned VMware products, now is the time to update to the latest version.
If you need a bit more leeway, VMware also published a workaround to mitigate the issue on vRealize until you can safely update. VMware states the workaround will not affect functionality, so all users can implement it immediately.