Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

CVE-2022-31676 - VMware Tools vulnerability

 

Information

 

Summary:

CVE-2022-31676 - VMware Tools vulnerability

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:

In August 2022, VMware warned users to update their VMware Tools due to a vulnerability in CVE-2022-31676. Is the LoadMaster vulnerable to this?

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

Our security team has concluded that the LoadMaster is NOT vulnerable:

  • The LoadMaster utilizes version 9.4.0 of Open VMware Tools as of loadmaster firmware version 7.2.55, which is not affected by this CVE.
  • To exploit the vulnerability it would require shell access to the LoadMaster OS, which is not normally available to users.
  • VMware Tools version 12.1.0 addresses the advertised vulnerability.
Workaround:  
Notes:  VMSA-2022-0024 (vmware.com)

Was this article helpful?
0 out of 1 found this helpful

Comments