VMware Tanzu products update for libcap2

1) PHP file inclusion

EUVDB-ID: #VU72703

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2603

CWE-ID: CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program

Exploit availability: No

Description

The vulnerability allows a remote attacker to include and execute arbitrary PHP files on the server.

The vulnerability exists due to incorrect input validation when including PHP files in web/ajax/modal.php. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Isolation Segment: 2.11.0 - 4.0.4

VMware Tanzu Operations Manager: 2.10 - 2.10.58

VMware Tanzu Application Service for VMs: 2.11.0 - 4.0.4

CPE2.3

• cpe:2.3:a:vmware:isolation_segment:4.0.4:*:*:*:*:*:*:
• cpe:2.3:a:vmware:isolation_segment:3.0.13:*:*:*:*:*:*:
• cpe:2.3:a:vmware:isolation_segment:2.13.20:*:*:*:*:*:*:
• cpe:2.3:a:vmware:isolation_segment:2.11.35:*:*:*:*:*:*:
• cpe:2.3:a:vmware:vmware_tanzu_operations_manager:2.10.58:*:*:*:*:*:*:
• cpe:2.3:a:vmware:vmware_tanzu_application_service_for_vms:4.0.4:*:*:*:*:*:*:
• cpe:2.3:a:vmware:vmware_tanzu_application_service_for_vms:3.0.13:*:*:*:*:*:*:
• cpe:2.3:a:vmware:vmware_tanzu_application_service_for_vms:2.13.23:*:*:*:*:*:*:
• cpe:2.3:a:vmware:vmware_tanzu_application_service_for_vms:2.11.41:*:*:*:*:*:*:

External links

http://tanzu.vmware.com/security/usn-6166-2

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.