=====================================================================
CERT-Renater Information Note No. 2021/VULN532
_____________________________________________________________________
DATE : 13/10/2021
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running VMware vRealize Log Insight versions 8.1.1, 8.1.0, 8.0.0 and 4.x, 8.2, 8.3, 8.4.1, 8.4.0, 8.6, VMware Cloud Foundation (vRLI) versions 4.x, vRealize Suite Lifecycle Manager (vRLI) versions 8.x.
=====================================================================

https://www.vmware.com/security/advisories/VMSA-2021-0022.html
_____________________________________________________________________

Moderate

Advisory ID: VMSA-2021-0022
CVSSv3 Range: 6.5
Issue Date: 2021-10-12
Updated On: 2021-10-12 (Initial Advisory)
CVE(s): CVE-2021-22035
Synopsis: VMware vRealize Log Insight updates address CSV injection vulnerability (CVE-2021-22035)

1. Impacted Products

VMware vRealize Log Insight
VMware Cloud Foundation
vRealize Suite Lifecycle Manager

2. Introduction

A CSV injection vulnerability in VMware vRealize Log Insight was privately reported to VMware. Updates are available to remediate this vulnerability in affected VMware products.

3. VMware vRealize Log Insight CSV injection vulnerability (CVE-2021-22035)

Description

VMware vRealize Log Insight contains a CSV (Comma Separated Value) injection vulnerability in the interactive analytics export function. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.

Known Attack Vectors

An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight, which could then be executed in the user's environment when the sheet is opened.

Resolution

To remediate CVE-2021-22035 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.

Workarounds

None.

Additional Documentation

None.

Notes

None.
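The mechanism behind a CSV injection of the kind described in section 3 is that a spreadsheet opening the exported file interprets any cell beginning with =, +, -, or @ as a formula rather than text. The following is an added example, not VMware code and not taken from the advisory: a small Python CSV export routine that neutralizes such cells before they are written, plus a detection helper that scans an existing export for cells that would still be interpreted as formulas. The log events are constructed sample data; the field names, the "=SUM(1,2)" payload and the function names are this example's own assumptions.

```python
import csv
import io

# Leading characters that spreadsheet applications treat as the start of a
# formula. Leading whitespace (space, tab, CR) is skipped before the test
# because spreadsheets skip it too, so "\t=..." is still a formula.
FORMULA_TRIGGERS = ("=", "+", "-", "@")

# Constructed sample events in the shape of an analytics export; the
# "=SUM(1,2)" text stands in for any user-controlled log message that
# happens to start with a formula character.
FIELDS = ["timestamp", "hostname", "text"]
SAMPLE_EVENTS = [
    {"timestamp": "2021-10-12T10:00:00Z", "hostname": "web-01", "text": "user login ok"},
    {"timestamp": "2021-10-12T10:00:05Z", "hostname": "web-02", "text": "=SUM(1,2)"},
    {"timestamp": "2021-10-12T10:00:09Z", "hostname": "web-03", "text": "\t-rate 3"},
]


def starts_formula(value):
    """True if a spreadsheet would evaluate this cell as a formula."""
    stripped = value.lstrip()
    return bool(stripped) and stripped[0] in FORMULA_TRIGGERS


def neutralize_cell(value):
    """Return a cell value that spreadsheets display as literal text.

    A leading single quote forces text interpretation. Embedded double
    quotes are doubled by the csv writer (doublequote=True is the default),
    so the surrounding quoting cannot be broken out of. Non-strings are
    left to the csv module.
    """
    if isinstance(value, str) and starts_formula(value):
        return "'" + value
    return value


def export_rows(rows, fieldnames):
    """Write rows (list of dicts) as CSV text with every cell neutralized."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames,
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for row in rows:
        writer.writerow({k: neutralize_cell(row.get(k, "")) for k in fieldnames})
    return buf.getvalue()


def has_formula_cell(csv_text):
    """Detection helper: does any cell in csv_text still start a formula?

    Useful for checking an export produced by a tool you do not control.
    """
    for row in csv.reader(io.StringIO(csv_text)):
        if any(starts_formula(cell) for cell in row):
            return True
    return False


if __name__ == "__main__":
    out = export_rows(SAMPLE_EVENTS, FIELDS)
    print(out)
    print("formula cells remaining:", has_formula_cell(out))
```

The trade-off of the single-quote prefix is visible in the output: a legitimately negative value such as "-rate 3" is also prefixed and shows up in the spreadsheet with the apostrophe, which is the accepted cost of exporting untrusted text safely. The check is applied at export time, on the server side, so it does not depend on how the analyst's spreadsheet happens to be configured.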
Acknowledgements

VMware would like to thank Tran Viet Quang of Vantage Point Security for reporting this vulnerability to us.

Response Matrix

Product                     | Version                       | Running On        | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation
VMware vRealize Log Insight | 8.6                           | Virtual Appliance | N/A            | N/A    | N/A      | Unaffected    | N/A         | N/A
VMware vRealize Log Insight | 8.4.1, 8.4.0                  | Virtual Appliance | CVE-2021-22035 | 6.5    | moderate | KB85992       | None        | None
VMware vRealize Log Insight | 8.3                           | Virtual Appliance | CVE-2021-22035 | 6.5    | moderate | KB85990       | None        | None
VMware vRealize Log Insight | 8.2                           | Virtual Appliance | CVE-2021-22035 | 6.5    | moderate | KB85989       | None        | None
VMware vRealize Log Insight | 8.1.1, 8.1.0, 8.0.0 and 4.x   | Virtual Appliance | CVE-2021-22035 | 6.5    | moderate | KB85985       | None        | None

Impacted Product Suites that Deploy Response Matrix Components

Product                                | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation
VMware Cloud Foundation (vRLI)         | 4.x     | Any        | CVE-2021-22035 | 6.5    | moderate | KB86000       | None        | None
vRealize Suite Lifecycle Manager (vRLI)| 8.x     | Any        | CVE-2021-22035 | 6.5    | moderate | KB86000       | None        | None

4. References

Fixed Version(s) and Release Notes:

VMware vRealize Log Insight 8.6.0 Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VRLI-860&productId=938&rPId=75107
https://docs.vmware.com/en/vRealize-Log-Insight/8.6/rn/vRealize-Log-Insight-86.html

VMware vRealize Log Insight
8.4.1: https://kb.vmware.com/s/article/85992
8.3: https://ikb.vmware.com/s/article/85990
8.2: https://kb.vmware.com/s/article/85989
8.1.1: https://kb.vmware.com/s/article/85985

VMware Cloud Foundation (vRLI)
4.x: https://kb.vmware.com/s/article/86000

vRealize Suite Lifecycle Manager (vRLI)
8.x: https://kb.vmware.com/s/article/86000

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22035

FIRST CVSSv3 Calculator:
CVE-2021-22035: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

5. Change Log

2021-10-12 VMSA-2021-0022 Initial security advisory.

6. Contact

E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:
security-announce@lists.vmware.com
bugtraq@securityfocus.com
fulldisclosure@seclists.org

E-mail: security@vmware.com
PGP key at: https://kb.vmware.com/kb/1055

VMware Security Advisories
https://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2021 VMware Inc. All rights reserved.

=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel      | fax : 01-53-94-20-41          +
+ 75013 Paris           | email:cert@support.renater.fr +
=========================================================