An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A
malicious authenticated user with non-administrator privileges may be
able to enter specially crafted SQL queries and perform unauthorized
remote code execution on the HCX manager.
Updates are available to remediate this vulnerability in affected VMware products.
VMware recibió un informe privado sobre una vulnerabilidad de inyección SQL autenticada en VMware HCX. Un usuario autenticado malintencionado con privilegios que no sean de administrador podría ingresar consultas SQL especialmente manipuladas y ejecutar código remoto no autorizado en el administrador HCX. Hay actualizaciones disponibles para solucionar esta vulnerabilidad en los productos VMware afectados.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware HCX. Authentication is required to exploit this vulnerability.
The specific flaw exists within the implementation of the listExtensions method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the postgres user.
