
=====================================================================

                              CERT-Renater

                  Information Note No. 2021/VULN600
_____________________________________________________________________

DATE                : 12/11/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running VMware Tanzu Application Service
                     for VMs versions prior to 2.12.1, 2.11.8, 2.10.20,
                     2.9.28, 2.7.40.

=====================================================================
https://www.vmware.com/security/advisories/VMSA-2021-0026.html
_____________________________________________________________________

Important

Advisory ID:     VMSA-2021-0026
CVSSv3 Range:    7.5
Issue Date:      2021-11-11
Updated On:      2021-11-11 (Initial Advisory)
CVE(s):          CVE-2021-22101


Synopsis:
VMware Tanzu Application Service for VMs updates address a
denial-of-service vulnerability (CVE-2021-22101)


1. Impacted Products

VMware Tanzu Application Service for VMs


2. Introduction

A denial-of-service vulnerability in one of the components of VMware
Tanzu Application Service for VMs was observed. Patches are available
to remediate this vulnerability in affected VMware products; no
workaround is available.

3a. VMware Tanzu Application Service for VMs updates address a
denial-of-service vulnerability (CVE-2021-22101)


Description

VMware Tanzu Application Service for VMs uses Cloud Controller (CAPI)
from Cloud Foundry, which is affected by an unauthenticated
denial-of-service (DoS) vulnerability. VMware has evaluated this issue
to be of 'Important' severity with a maximum CVSSv3 base score of 7.5.

Known Attack Vectors

A remote, unauthenticated attacker can leverage this vulnerability to
cause a denial of service by sending REST HTTP requests that generate an
enormous SQL query, leading to unavailability of the Cloud Controller
database (ccdb).


Resolution

To remediate CVE-2021-22101, apply the patches listed in the 'Fixed
Version' column of the 'Response Matrix' found below.


Workarounds

None.


Additional Documentation

None.


Notes

None.


Acknowledgements


Response Matrix

Product: VMware Tanzu Application Service for VMs (every row below)

Version   Running On   CVE Identifier   CVSSv3   Severity    Fixed Version   Workarounds   Additional Documentation
2.12.x    Any          CVE-2021-22101   7.5      Important   2.12.1          None          None
2.11.x    Any          CVE-2021-22101   7.5      Important   2.11.8          None          None
2.10.x    Any          CVE-2021-22101   7.5      Important   2.10.20         None          None
2.9.x     Any          CVE-2021-22101   7.5      Important   2.9.28          None          None
2.7.x     Any          CVE-2021-22101   7.5      Important   2.7.40          None          None


4. References

Fixed Version(s) and Release Notes:

VMware Tanzu Application Service for VMs (2.12.1)
https://network.pivotal.io/products/elastic-runtime#/releases/977821
https://docs.pivotal.io/application-service/2-12/release-notes/runtime-rn.html


VMware Tanzu Application Service for VMs (2.11.8)
https://network.pivotal.io/products/elastic-runtime#/releases/976752
https://docs.pivotal.io/application-service/2-11/release-notes/runtime-rn.html


VMware Tanzu Application Service for VMs (2.10.20)
https://network.pivotal.io/products/elastic-runtime#/releases/979089
https://docs.pivotal.io/application-service/2-10/release-notes/runtime-rn.html


VMware Tanzu Application Service for VMs (2.9.28)
https://network.pivotal.io/products/elastic-runtime#/releases/978786
https://docs.pivotal.io/application-service/2-9/release-notes/runtime-rn.html


VMware Tanzu Application Service for VMs (2.7.40)
https://network.pivotal.io/products/elastic-runtime#/releases/978504
https://docs.pivotal.io/application-service/2-7/release-notes/runtime-rn.html


Additional Documentation:

https://www.cloudfoundry.org/blog/cve-2021-22101-cloud-controller-is-vulnerable-to-unauthenticated-denial-of-service/


Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-22101


FIRST CVSSv3 Calculator:

https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H


5. Change Log

11/11/2021: VMSA-2021-0026: Initial security advisory.


6. Contact

E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce


This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com
bugtraq@securityfocus.com
fulldisclosure@seclists.org


E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055


VMware Security Advisories
https://www.vmware.com/security/advisories


VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html


VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html


VMware Security & Compliance Blog
https://blogs.vmware.com/security


Twitter
https://twitter.com/VMwareSRC



Copyright 2020 VMware Inc. All rights reserved.

=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================

