HTTP: VMware vCenter Server Platform Services Controller Unsafe Deserialization
This signature detects attempts to exploit a known vulnerability against VMware vCenter Server Platform Services Controller. A successful attack can lead to arbitrary code execution.
Extended Description
VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.
Affected Products
Vmware cloud_foundation
References
CVE: CVE-2022-31681
URL: https://www.securecybersolution.com/vmware-patches-code-execution-vulnerability-in-vcenter-server/ http://twitter.com/Sec_Cyber/status/1578414880226480128 https://nvd.nist.gov/vuln/detail/CVE-2022-31680 https://www.vmware.com/security/advisories/VMSA-2022-0025.html https://talosintelligence.com/vulnerability_reports/TALOS-2022-1587
Short Name
HTTP:CTS:VMWARE-SRVR-DSLRZ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-31680 CVE-2022-31681 Controller Deserialization Platform Server Services Unsafe VMware vCenter
Release Date
10/20/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Vmware