VMware has issued workarounds for a pair of vulnerabilities that were earlier disclosed in Salt that directly affect VMware’s vRealize Operations Manager.
The vulnerabilities, the critical CVE-2020-11651 and important CVE-2020-11652, impact the Application Remote Collector that was introduced with vRealize Operations Manager 7.5.
The SaltStack project previously patched the issues in its own product, but not before malicious actors were able to compromise the “Salt master” servers of several prominent users, including the Ghost blogging platform, the open-source mobile operating system LineageOS, and SSL certificate provider DigiCert.
“CVE-2020-11651 (Authentication Bypass) may allow a malicious actor with network access to port 4505 or 4506 on the ARC to take control of the ARC and any Virtual Machines the ARC may have deployed a Telegraf agent to. CVE-2020-11652 (Directory Traversal) may allow a malicious actor with network access to port 4505 or 4506 on the ARC to access the entirety of the ARC filesystem,” VMware reported.
The company said security updates are forthcoming; until then it recommends that customers apply the published workarounds.