Home > Cyber News > CVE-2021-22048: Patch Available for VMware Server Flaw
CYBER NEWS

CVE-2021-22048: Patch Available for VMware Server Flaw

by   |  Last Update:  |  0 Comments  

CVE-2021-22048: Patch Available for VMware Server Flaw

CVE-2021-22048 is a high-severity privilege escalation vulnerability in the VMware vCenter Server IWA mechanism, which also affects the Cloud Foundation hybrid platform. Eight months after the vulnerability was disclosed, the company released a patch for one of the affected versions.

According to the original CVE description, the vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. In terms of how the vulnerability can be exploited, a threat actor with non-administrative access to vCenter Server could leverage the loophole to elevate privileges to a higher privileged group.




Partial Fix Available for CVE-2021-22048

CVE-2021-22048 affects several vCenter Server versions, but an update has been released only for vCenter Server 7.0 Update 3f. In other words, the fix is available only for servers running the latest release (more information about the release).

When the vulnerability was reported first, the company came up with a workaround which involved the switching of SSO identity source configuration from IWA to one of the following options:

  • Active Directory over LDAPs authentication;
  • Identity Provider Federation for AD FS (vSphere 7.0 only).

CVE-2021-22005 is an example of another dangerous vCenter vulnerability. The severe status of the vulnerability was based on the fact that anyone who could reach vCenter Server over the network to gain access could abuse the issue, regardless of the configuration settings of vCenter Server. This also included ransomware threat actors, security researchers pointed out.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  2. CVE-2021-21985: Critical Flaw in VMware vCenter Needs Immediate Patching CVE-2021-21985 is a critical vulnerability in VMware vCenter that needs...
  3. CVE-2021-22005: VMware vCenter Flaw Could Be Exploited by Ransomware A new severe, arbitrary file upload VMware vCenter Server vulnerability,...
  4. CVE-2022-31656: Critical VMware Authentication Bypass Vulnerability VMware recently released another set of patches addressing a number...
  5. CVE-2021-21998: Critical Bug in VMware’s Carbon Black App Control Critical Vulnerability in VMware’s Carbon Black App Control There’s a...
  6. July 2021 Patch Tuesday: Actively Exploited CVE-2021-34448 Fixed Microsoft Windows July 2021 Patch Tuesday just rolled out, patching...
  7. Patch Your iOS Device against CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 Apple recently addressed three zero-day vulnerabilities in iOS, iPadOS. CVE-2021-1782,...
  8. The Most Exploited Vulnerabilities in 2021 Include CVE-2021-44228, CVE-2021-26084 Which were the most routinely exploited security vulnerabilities in 2021?...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree