VMware Cloud Director Affected by Serious Code Execution Flaw

7
VMware Cloud Director Affected by Serious Code Execution Flaw

VMWare, a cloud computing and virtualization technology company, released fixes for an extremely serious security hole in its Cloud Director product on Thursday, warning that unpatched systems are vulnerable to remote code execution assaults.

The vulnerability, which was disclosed privately by a security researcher who participates in bug bounty programs, has a CVSS 3.1 score of 9.1 and should be treated as a high-priority upgrade for all VMWare Cloud Director customers. The update emphasizes the need of enterprises to apply fixes and mitigations in order to stay one step ahead of attackers.

VMware products have grown in popularity as a target for nation-state APT hackers and ransomware criminals.

Read More: https://www.securityweek.com/critical-code-execution-flaw-haunts-vmware-cloud-director