Team:
Real quick! VMware announced a newly discovered vulnerability in NSX-T 3.1 that weighs in at a CVSSv3 base score of 7.5 out of 10, giving it an ‘Important’ severity rating. This vulnerability allows unauthorized privilege escalation through the local ‘guest’ account.
The Workaround
Luckily, this one doesn’t make you jump through hoops, stand on your tippy toes, and perform the sacred ceremony of our forefathers to mitigate. Actually, it’s really simple. Just disable the ‘guest’ account. Furthermore, don’t assign the guest account any RBAC roles that allow it to execute user-role assignments. Quite frankly, I don’t know why you would do this anyway…or even have the guest account enabled, for that matter. But maybe you do for some specific reason, and if so, you should disable it if you can’t patch your NSX-T infrastructure.
The Perma-Fix
Yes, that’s right! Patching up to 3.1.2 will permanently resolve the issue for you. See? Really simple!
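If you want to verify the workaround and the patch state across your managers rather than eyeball them, here is a small added audit script (my example, not VMware’s tooling). It assumes the JSON shapes of the NSX-T Manager API’s GET /api/v1/node/users and GET /api/v1/aaa/role-bindings responses and a product_version string from GET /api/v1/node; the sample data below is constructed and deliberately shows the risky state.

```python
import json

# Constructed sample responses, shaped like the NSX-T Manager API's
# GET /api/v1/node/users and GET /api/v1/aaa/role-bindings output
# (assumption: field names as in the 3.1 API; check them against your
# own manager's output before relying on this). The guest account is
# ACTIVE and holds a role, which is exactly the state the workaround removes.
NODE_USERS = json.loads("""
{"results": [
  {"userid": 10000, "username": "admin", "status": "ACTIVE"},
  {"userid": 10002, "username": "guest", "status": "ACTIVE"}
]}""")

ROLE_BINDINGS = json.loads("""
{"results": [
  {"name": "admin", "type": "local_user", "roles": [{"role": "enterprise_admin"}]},
  {"name": "guest", "type": "local_user", "roles": [{"role": "enterprise_admin"}]}
]}""")


def needs_patch(product_version):
    """True for a 3.1.x build older than 3.1.2, the release that fixes the issue."""
    parts = tuple(int(p) for p in product_version.split(".")[:3])
    return parts[:2] == (3, 1) and parts < (3, 1, 2)


def audit_guest_account(node_users, role_bindings, account="guest"):
    """Return (code, detail) findings wherever the workaround is not in place."""
    findings = []
    users = {u["username"]: u for u in node_users.get("results", [])}
    guest = users.get(account)
    if guest is None:
        return findings  # account absent: nothing to check
    if guest.get("status") == "ACTIVE":
        findings.append(("ACCOUNT_ENABLED",
                         f"{account} (userid {guest['userid']}) is ACTIVE"))
    for rb in role_bindings.get("results", []):
        if rb.get("type") == "local_user" and rb.get("name") == account:
            roles = sorted(r["role"] for r in rb.get("roles", []))
            if roles:
                findings.append(("ROLES_ASSIGNED",
                                 f"{account} holds {', '.join(roles)}"))
    return findings


if __name__ == "__main__":
    version = "3.1.1.0.0.12345"  # constructed sample build string
    print("patch needed:", needs_patch(version))
    for code, detail in audit_guest_account(NODE_USERS, ROLE_BINDINGS):
        print(code, "-", detail)
```

Feed it the live API responses from each manager node and an empty findings list plus needs_patch() returning False means you are covered.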
Conclusion
There’s not much more to say about this one. If you want to review the actual VMware Advisory, it can be found here. I have a few more articles that I’m working on pumping out for everyone, so stay tuned! Thanks for reading. If you enjoyed the post, make sure you check us out at dirmann.tech and follow us on LinkedIn, Twitter, Instagram, and Facebook!
References:
https://www.vmware.com/security/advisories/VMSA-2021-0006.html
https://kb.vmware.com/s/article/83047
Paul Dirmann (vExpert PRO*, vExpert***, VCIX-DCV, VCAP-DCV Design, VCAP-DCV Deploy, VCP-DCV, VCA-DBT, C|EH, MCSA, MCTS, MCP, CIOS, Network+, A+) is the owner and current Lead Consultant at Dirmann Technology Consultants. A technology evangelist, Dirmann has held both leadership positions, as well as technical ones architecting and engineering solutions for multiple multi-million dollar enterprises. While knowledgeable in the majority of the facets involved in the information technology realm, Dirmann honed his expertise in VMware’s line of solutions with a primary focus in hyper-converged infrastructure (HCI) and software-defined data centers (SDDC), server infrastructure, and automation. Read more about Paul Dirmann here, or visit his LinkedIn profile.