Attention all users of VMware vCenter Server
and VMware Cloud Foundation!
We have important news to share regarding a recent issue that may affect your operations.
Please read on to understand the situation and what steps you should take.
You are affected by this vulnerability if you are running any version of:
- vCenter 6.5 below version 6.5.0.42000
- vCenter 6.7 below version 6.7.0.55000
- vCenter 7.0 below version 7.0.3.01700
- vCenter 8.0.1 below version 8.0.1.00400
- vCenter 8.0.2 below version 8.0.2.00000
Recently, VMware discovered a security vulnerability in vCenter Server and VMware Cloud Foundation. This vulnerability, identified as CVE-2023-34048 and CVE-2023-34056, respectively, has been classified as critical by VMware’s security team. While no reports of active exploitation have been observed, it is crucial to address this issue proactively to ensure the safety and security of your virtual infrastructure.
According to VMware’s security advisory, the vulnerability primarily affects vCenter Server versions 7.0 U3e and 7.0 U3f, along with VMware Cloud Foundation version 4.x. It stems from an improper input validation vulnerability within the Virtual SAN Health Check and Update Manager plug-ins.
The vulnerability, if exploited, could potentially allow a malicious actor with network access to execute arbitrary commands with elevated privileges on the underlying operating system hosting vCenter Server or VMware Cloud Foundation. This could lead to unauthorized control and potential compromise of critical infrastructure components.
To ensure the security and availability of your VMware environment, we recommend the following steps:
- Update vCenter Server and VMware Cloud Foundation:
– VMware has released patches to address this vulnerability. It is strongly advised to update your vCenter Server and VMware Cloud Foundation installations to the latest available versions.
– For vCenter Server, ensure you upgrade to version 7.0 U3h or later.
– For VMware Cloud Foundation, update to version 4.4.1 or later. - Apply patches for standalone deployments:
– If you are using vCenter Server in standalone deployments without VMware Cloud Foundation, please follow the advisory provided by VMware for the particular version you are using.
– VMware has provided patches for affected versions such as vCenter Server 7.0 U3e and 7.0 U3f. - Consider additional security measures:
– While applying the patches will mitigate the vulnerability, it is always recommended to implement additional security measures such as network segmentation, firewall rules, and access controls.
– Regularly review and update the security configurations of your virtual infrastructure to reduce the risk of potential attacks. - Stay informed:
– Regularly review security advisories and subscribe to relevant security mailing lists to stay updated on any future vulnerabilities or patches released by VMware.
– Stay informed about best practices for securing your VMware environment by following VMware’s security resources.
Protecting your virtual infrastructure is of paramount importance, and addressing the VMware vCenter Server and VMware Cloud Foundation vulnerability promptly is essential to maintain the security and availability of your systems. By applying the provided patches and implementing additional security measures, you can significantly reduce the risk of exploitation.
Please take the necessary steps outlined in this blog post to ensure your VMware environment remains secure. As always, VMware is committed to prioritizing the safety and protection of its users, and your cooperation is key to maintaining the integrity of your virtual infrastructure.
For more information and detailed instructions, please refer to the following links:
Stay vigilant, stay secure!