Vulnerability Management

VMware issues workarounds for Salt vulnerabilities in vRealize Operations Manager

VMware has issued workarounds for a pair of vulnerabilities that were earlier disclosed in Salt that directly affect VMware’s vRealize Operations Manager.

The vulnerabilities, the critical CVE-2020-11651 and important CVE-2020-11652, impact the Application Remote Collector that was introduced with vRealize Operations Manager 7.5.

The SaltStack project previously patched the issues in its own product, but not before malicious actors were able to compromise the “Salt master” servers of several prominent users, including the Ghost blogging platform, the open-source mobile operating system LineageOS, and SSL certificate provider DigiCert.

“CVE-2020-11651 (Authentication Bypass) may allow a malicious actor with network access to port 4505 or 4506 on the ARC to take control of the ARC and any Virtual Machines the ARC may have deployed a Telegraf agent to. CVE-2020-11652 (Directory Traversal) may allow a malicious actor with network access to port 4505 or 4506 on the ARC to access the entirety of the ARC filesystem,” VMware reported.

The company said security updates are forthcoming, but until then it recommends that companies utilize these workarounds.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.