Table of Contents
  • Home
    • /
  • Blog
    • /
  • How To Fix CVE-2021-22048- IWA Privilege Escalation Vulnerability In VMware vCenter Server
Arun KL
July 14, 2022
|
4m

How To Fix CVE-2021-22048- IWA Privilege Escalation Vulnerability In VMware vCenter Server

Vulnerabilities

How To Patch The 10 New Vulnerabilities In Vmware Products Cve 2022 31656 To Cve 2022 31665

The VCenter Server recently disclosed a high severity privilege escalation vulnerability in the Integrated Windows Authentication (IWA) mechanism known as CVE-2021-22048. A threat actor can exploit this vulnerability using non-administrative access to vCenter Server and use a loophole to elevate privileges to a higher privilege group. Since the vulnerability allows attackers to escalate privilege escalation, it’s critical to learn how to fix CVE-2021-22048, IWA Privilege Escalation Vulnerability in VMware VCenter.

VMware vCenter Server

VMware vCenter Server is an advanced server management tool providing a centralized platform to control vSphere environments for visibility across hybrid clouds. It gives deep visibility into the configuration of critical components of a virtual infrastructure from a single unit. 

Virtual environments are easier to manage using a vCenter Server as a single administrator can manage multiple workloads and increase productivity. Moreover, it can allocate and optimize resources for increased efficiency. 

Summary Of CVE-2021-22048

IWA Privilege Escalation Vulnerability in VMware vCenter was reported to VMware, allowing threat actors with non-administrative access to the vCenter Server to exploit this vulnerability and elevate privileges to a higher-privileged group. 

Associated CVE IDCVE-2021-22048
DescriptionPrivilege Escalation Vulnerability in VMware vCenter
Associated ZDI ID
CVSS Score8.8 High
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score5.9
Exploitability Score2.8
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PRLow
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
Availability (a)High

VMware vCenter Server Versions Affected By CVE-2021-22048

Here are the products affected by CVE-2021-22018-IWA Privilege Escalation Vulnerability in VMware vCenter.

  • VMware vCenter Server (vCenter Server)

  • VMware Cloud Foundation (Cloud Foundation)

How To Fix CVE-2021-22048- IWA Privilege Escalation Vulnerability In VMware vCenter?

VMware has investigated that the exploitation possibility can be eliminated by performing the workaround steps discussed below. The workaround needs to change the SSO identity configuration from IWA to one of the following options. 

  • Active Directory over LDAP authentication

  • Identity Provider Federation for AD FS 

Active Directory over the LDAP authentication is not affected by the CVE-2021-22048. However, it does not understand domain trusts, so users switching to this method must configure a unique identity resource for all the trusted domains. Identity Provider Federation for AD FS doesn’t have this limitation.

  • Visit this guide for switching to Active Directory over LDAPs.

  • Visit this guide for switching to Identity Provider Federation for AD FS.

How To Upgrade VMware vCenter Server?

Here are the steps you can follow to update VMware vCenter Server Appliance.

  1. Log in to the vCenter Server Application Management Interface as root.

  2. Click on the ‘Update‘ tab after going to the dashboard screen.

  3. Make sure that you check the ‘Check Updates‘ button from the CD ROM+URL.

  4. Select the target update of the vCenter. 

  5. Click ‘Stage and Install‘ and then read and accept the end user license agreement.

  6. A system pre-check confirms that all the patches can be installed successfully with the information.

  7. Sign in again using the vSphere SSO Administrator password.

  8. Make sure to back up the vCenter Server Appliance before clicking ‘Finish.’

  9. Patching will start, and it gets finished when a popup ‘Installation Succeeded‘ appears.

We hope this post would help you know how to fix CVE-2021-22048, IWA Privilege Escalation Vulnerability in VMware VCenter. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Vulnerabilities

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Books

Books

Videos

Videos

Courses

Courses

Certifications

Certifications

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Cyber Security - Books

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe