Team:
Yesterday on my LinkedIn I announced that VMware had just released a security advisory that affected vRealize Business for Cloud. This vulnerability got a whopping 9.8 as a CVSSv3 base score. If you’re not familiar with how vulnerabilities are rated, that equates to “you should remediate this situation….now!” The max score is a 10, to put it into a different perspective.
Remote Code Execution
The exploit allows the attacker to perform unauthorized remote code execution on the vRealize Business for Cloud (vRB) appliance. What does that mean? They don’t need any explicit rights or authorization to execute any commands, scripts, etc. on that machine.
Remediation
According to the advisory, the only way to remediate the issue is to apply the patch that can be found on https://my.vmware.com. Build 17828140 was released on 5/5/21 under filename ‘vRealize-Business-for-Cloud-7.6.0.46000-17828140-updaterepo.iso’.
Conclusion
I know this was a quick post, but it’s severe enough to just get down to business if you’re a vRB 7.6 user. You can find a link to the original advisory here and one to the knowledge base article here. Thanks for reading. If you enjoyed the post, make sure you check us out at dirmann.tech and follow us on LinkedIn, Twitter, Instagram, and Facebook!
References:
https://kb.vmware.com/s/article/83475
https://www.vmware.com/security/advisories/VMSA-2021-0007.html
Paul Dirmann (vExpert PRO*, vExpert***, VCIX-DCV, VCAP-DCV Design, VCAP-DCV Deploy, VCP-DCV, VCA-DBT, C|EH, MCSA, MCTS, MCP, CIOS, Network+, A+) is the owner and current Lead Consultant at Dirmann Technology Consultants. A technology evangelist, Dirmann has held both leadership positions, as well as technical ones architecting and engineering solutions for multiple multi-million dollar enterprises. While knowledgeable in the majority of the facets involved in the information technology realm, Dirmann honed his expertise in VMware’s line of solutions with a primary focus in hyper-converged infrastructure (HCI) and software-defined data centers (SDDC), server infrastructure, and automation. Read more about Paul Dirmann here, or visit his LinkedIn profile.