Description:
A vulnerability classified as critical was found in VMware ESXi (Virtualization Software). The vulnerability allows a remote attacker to bypass the authentication process. The vulnerability exists due to an error when processing authentication requests in SFCB (Small Footprint CIM Broker). A remote attacker can send specially crafted requests to port 5989/tcp, bypass SFCB authentication and gain unauthorized access to the system.
This vulnerability can be exploited by a remote non-authenticated attacker via the Internet. We are not aware of malware exploiting this vulnerability.
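Because the affected service listens on a fixed port and the flaw needs no credentials, the first defender question is which hosts expose tcp/5989 beyond the management network and who has been reaching it. The script below is an added illustration (not code from VMware or from this advisory's publisher) that triages constructed connection-log lines for that pattern; the log format, the trusted management subnet, and the host addresses are all assumptions.

```python
"""Triage constructed connection-log lines for inbound traffic to the
SFCB/CIM port (tcp/5989) on ESXi hosts. Added illustration for this
advisory; not code from VMware or the advisory's publisher. The log
format, subnet values and host addresses are assumptions."""

import ipaddress
from dataclasses import dataclass

SFCB_PORT = 5989  # from the advisory: SFCB listens on 5989/tcp

# Assumed management network: only these sources should reach the CIM port.
TRUSTED_SOURCES = [ipaddress.ip_network("10.10.0.0/24")]

# Constructed sample log lines: "<timestamp> <src_ip> <dst_ip> <dst_port> <proto>"
SAMPLE_LOG = """\
2021-09-21T10:00:01Z 10.10.0.5 10.10.1.20 5989 tcp
2021-09-21T10:00:04Z 198.51.100.23 10.10.1.20 5989 tcp
2021-09-21T10:00:05Z 198.51.100.23 10.10.1.21 5989 tcp
2021-09-21T10:00:07Z 10.10.0.9 10.10.1.20 443 tcp
2021-09-21T10:00:09Z 203.0.113.7 10.10.1.22 5989 tcp
2021-09-21T10:00:11Z 198.51.100.23 10.10.1.22 5989 tcp
2021-09-21T10:00:12Z 10.10.0.5 10.10.1.20 5989 udp
malformed line here
"""


@dataclass(frozen=True)
class Finding:
    src: str
    dst: str
    timestamp: str


def parse_line(line):
    """Return (timestamp, src, dst, port, proto) or None for an unparsable line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, port, proto = parts
    try:
        return ts, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port), proto.lower()
    except ValueError:
        return None


def is_trusted(src):
    """True if the source address belongs to the assumed management network."""
    return any(src in net for net in TRUSTED_SOURCES)


def triage(log_text):
    """Return findings for tcp/5989 connections from untrusted sources."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines the parser cannot interpret
        ts, src, dst, port, proto = rec
        if port != SFCB_PORT or proto != "tcp":
            continue
        if is_trusted(src):
            continue
        findings.append(Finding(str(src), str(dst), ts))
    return findings


def sources_by_host_count(findings):
    """Map each untrusted source to the number of distinct hosts it reached on 5989."""
    hosts = {}
    for f in findings:
        hosts.setdefault(f.src, set()).add(f.dst)
    return {src: len(dsts) for src, dsts in hosts.items()}


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for f in found:
        print(f"{f.timestamp} untrusted {f.src} -> {f.dst}:{SFCB_PORT}")
    for src, n in sorted(sources_by_host_count(found).items()):
        print(f"{src} touched {n} host(s) on tcp/{SFCB_PORT}")
```

A source that reaches several ESXi hosts on tcp/5989 from outside the management network is worth a closer look before the patch is rolled out; the same filter translates directly into a firewall or flow-collector query against real logs.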
| Field | Value |
| --- | --- |
| Risk | High |
| Patch available | YES |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | Cloud Foundation (Client/Desktop applications); Virtualization software |
| Vulnerable software versions | Cloud Foundation: 3.10, 3.10.1, 3.10.1.1, 3.10.1.2, 4.0, 4.0.1, 4.1, 4.2, 4.2.1 |
| | 5.3-7.0 |
| Vendor | VMware, Inc |
Mitigation:
Install the update from the vendor's website.