
=====================================================================

                                 CERT-Renater

                      Information Note No. 2022/VULN248

_____________________________________________________________________

DATE                : 13/07/2022

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running VMware vCenter Server or
                       VMware Cloud Foundation.

=====================================================================
https://www.vmware.com/security/advisories/VMSA-2022-0018.html
_____________________________________________________________________


Severity:        Moderate

Advisory ID:     VMSA-2022-0018
CVSSv3 Range:    5.3
Issue Date:      2022-07-12
Updated On:      2022-07-12 (Initial Advisory)
CVE(s):          CVE-2022-22982

Synopsis:
VMware vCenter Server updates address a server-side request forgery
vulnerability (CVE-2022-22982)


1. Impacted Products

     VMware vCenter Server (vCenter Server)
     VMware Cloud Foundation (Cloud Foundation)


2. Introduction

A server-side request forgery (SSRF) vulnerability in VMware vCenter
Server was privately reported to VMware. Updates are available to
remediate this vulnerability in affected VMware products.


3. vCenter Server SSRF vulnerability (CVE-2022-22982)

Description

The vCenter Server contains a server-side request forgery (SSRF)
vulnerability. VMware has evaluated the severity of this issue to
be in the Moderate severity range with a maximum CVSSv3 base
score of 5.3.


Known Attack Vectors

A malicious actor with network access to port 443 on the vCenter
Server may exploit this issue to make vCenter Server issue a request
to a URL outside of vCenter Server or to an internal service.


Resolution

To remediate CVE-2022-22982 apply the patches listed in the
'Fixed Version' column of the 'Response Matrix' found below.


Workarounds

None.


Additional Documentation

None.


Notes

None.


Acknowledgements

VMware would like to thank pwnull for reporting this issue to
us.

Response Matrix:

Product          Version  Running On  CVE Identifier  CVSSv3  Severity  Fixed Version  Workarounds  Additional Documentation
vCenter Server   7.0      Any         CVE-2022-22982  5.3     Moderate  7.0 U3f        None         None
vCenter Server   6.7      Any         CVE-2022-22982  5.3     Moderate  6.7 U3r        None         None
vCenter Server   6.5      Any         CVE-2022-22982  5.3     Moderate  6.5 U3t        None         None


Impacted Product Suites that Deploy Response Matrix
Components:

Product                            Version  Running On  CVE Identifier  CVSSv3  Severity  Fixed Version  Workarounds  Additional Documentation
Cloud Foundation (vCenter Server)  4.x      Any         CVE-2022-22982  5.3     Moderate  KB88287        None         None
Cloud Foundation (vCenter Server)  3.x      Any         CVE-2022-22982  5.3     Moderate  Patch Pending  None         None



4. References

Fixed Version(s) and Release Notes:

vCenter Server 7.0 U3f
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VC70U3F&productId=974&rPId=90206
https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-vcenter-server-70u3f-release-notes.html

vCenter Server 6.7 U3r
Downloads and Documentation:
https://customerconnect.vmware.com/en/downloads/details?downloadGroup=VC67U3R&productId=742&rPId=78421
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-67u3r-release-notes.html

vCenter Server 6.5 U3t
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VC65U3T&productId=614&rPId=74057
https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u3t-release-notes.html

KB articles:
VCF 4.x: https://kb.vmware.com/s/article/88287

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22982

FIRST CVSSv3 Calculator:
CVE-2022-22982:
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N


5. Change Log

2022-07-12 VMSA-2022-0018
Initial security advisory.



6. Contact

E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce


This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com
bugtraq@securityfocus.com
fulldisclosure@seclists.org


E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055



VMware Security Advisories
https://www.vmware.com/security/advisories


VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html


VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html


VMware Security & Compliance Blog
https://blogs.vmware.com/security


Twitter

https://twitter.com/VMwareSRC



Copyright 2022 VMware Inc. All rights reserved.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================


