VMware has fixed 19 vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation, the most critical of which is CVE-2021-22005.

“This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” the company noted.

“The ramifications of this vulnerability are serious and it is a matter of time – likely minutes after the disclosure – before working exploits are publicly available. With the threat of ransomware looming nowadays the safest stance is to assume that an attacker may already have control of a desktop and a user account through the use of techniques like phishing or spearphishing, and act accordingly. This means the attacker may already be able to reach vCenter Server from inside a corporate firewall, and time is of the essence.”

About VMware vCenter Server and Cloud Foundation

VMware vCenter Server is software that allows administrators to provision, monitor, orchestrate, and control their VMware vSphere deployments (virtual machines) from a centralized location. It can be installed on a Windows machine or a preconfigured Linux version (i.e., the vCenter Server Appliance).

VMware Cloud Foundation is a hybrid cloud platform that provides software-defined services for compute, storage, networking, security and cloud management to run enterprise apps in private or public environments.