VMSA-2022-0005:VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability

VMware Cloud Foundation

1 more products

23620

05 April 2022

13 February 2022

CLOSED

HIGH

8.8

CVE-2022-22945

VMSA-2022-0005.2
8.8
2022-02-15
2022-04-07
CVE-2022-22945
VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)
1. Impacted Products
  • VMware NSX Data Center for vSphere (NSX-V)
  • VMware Cloud Foundation (Cloud Foundation)
2. Introduction

A CLI shell injection vulnerability affecting VMware NSX Data Center for vSphere was privately reported to VMware. Updates are available to address this vulnerability in affected VMware products.

3. VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)

Description

VMware NSX Data Center for vSphere contains a CLI shell injection vulnerability in the NSX Edge appliance component. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8.

Known Attack Vectors

A malicious actor with SSH access to an NSX-Edge appliance (NSX-V) can execute arbitrary commands on the operating system as root.

Resolution

To remediate CVE-2022-22945 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' below.

Workarounds

Workarounds for CVE-2022-22945 have been listed in the 'Workarounds' column of the 'Response Matrix' below.

Additional Documentation

Additional documentation for CVE-2022-22945 have been listed in the 'Additional Documentation' column of the 'Response Matrix' for Cloud Foundation (NSX-V) below.

Notes

None

Acknowledgements

VMware would like to thank Dimitri Di Cristofaro (@d_glenx) and Przemek Reszke (@kolokokop) from SECFORCE LTD for reporting this issue to us.

Response Matrix

Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation
NSX Data Center for vSphere
Any
Any
CVE-2022-22945
8.8
important
6.4.13
KB87893
None

Impacted Product Suites that Deploy Response Matrix Components:

Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation
Cloud Foundation (NSX-V)
3.x
Any
CVE-2022-22945
8.8
important
3.11.0.1
KB87893
KB87863
4. References

Fixed Version(s) and Release Notes:

 

NSX Data Center for vSphere 6.4.13
Downloads and Documentation:
https://customerconnect.vmware.com/en/downloads/details?downloadGroup=NSXV_6413&productId=417&rPId=84646

https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/rn/VMware-NSX-Data-Center-for-vSphere-6413-Release-Notes.html

 

VMware vCloud Foundation 3.x

Downloads and Documentation:

https://docs.vmware.com/en/VMware-Cloud-Foundation/3.11/rn/VMware-Cloud-Foundation-311-Release-Notes.html#31101  

 

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22945

 

FIRST CVSSv3 Calculator:

CVE-2022-22945 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

5. Change Log

2022-02-15: VMSA-2022-0005
Initial security advisory.

 

2022-03-14: VMSA-2022-0005.1
Updated security advisory Response Matrix to include workarounds and additional documentation.

 

2022-04-07: VMSA-2022-0005.2
Updated advisory with updates to VMware Cloud Foundation 3.x.

6. Contact

E-mail list for product security notifications and announcements:

https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

 

This Security Advisory is posted to the following lists:  

[email protected]  

 

E-mail: [email protected]

PGP key at:

https://kb.vmware.com/kb/1055 

 

VMware Security Advisories

https://www.vmware.com/security/advisories 

 

VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html 

 

VMware Lifecycle Support Phases

https://www.vmware.com/support/policies/lifecycle.html 

 

VMware Security & Compliance Blog  

https://blogs.vmware.com/security 

 

Twitter

https://twitter.com/VMwareSRC

 

Copyright 2022 VMware Inc. All rights reserved.