Background: The VMware SD-WAN Orchestrator provides centralized enterprise-wide installation, configuration and real-time monitoring in addition to orchestrating the data flow through the cloud network.
Technical highlight – The VeloCloud Orchestrator (VCO) stores only flow statistics with high resolution to provide visibility and troubleshooting capability.
By default, a maximum of one million flows are rolled up per edge per day. This averages out to approximately 3500 flows per 5-minute push.
Vulnerability details: In the 3.3.0 release, the VeloCloud Orchestrator (VCO) stores only flow statistics with high resolution to provide visibility and troubleshooting capability. In the 3.3.2 release, VCO supports retention of flow stats for up to one year by rolling up the flow stats for every edge on a daily basis. To do this, the VeloCloud Orchestrator requires a connection to a MySQL server. This design has a weakness: it does not apply correct input validation, which allows blind SQL injection.
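To make the weakness concrete, here is an added example (not code from VMware or the VCO product) that places the weak pattern, untrusted input concatenated into a SQL statement, beside the hardened pattern of input validation plus parameter binding. The table, the flow rows and the `edge` identifier format are constructed for the demonstration; an in-memory SQLite database stands in for the orchestrator's MySQL flow-stats store so the code runs offline.

```python
import re
import sqlite3

# Constructed sample data standing in for rolled-up per-edge flow statistics.
# (Assumption: the real product uses MySQL; SQLite is used here so the example
# is self-contained.)
SAMPLE_FLOWS = [
    (1, "edge-a", "10.0.0.5", 1200),
    (2, "edge-a", "10.0.0.9", 340),
    (3, "edge-b", "10.0.1.2", 88),
]

# Allow-list for edge identifiers (assumed format for this example only).
EDGE_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def make_db():
    """Create an in-memory flow_stats table populated with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE flow_stats (id INTEGER, edge TEXT, dest TEXT, bytes INTEGER)"
    )
    conn.executemany("INSERT INTO flow_stats VALUES (?, ?, ?, ?)", SAMPLE_FLOWS)
    return conn


def validate_edge_id(edge):
    """First line of defence: reject anything that is not a plausible edge id."""
    return EDGE_ID_RE.fullmatch(edge) is not None


def flows_for_edge_unsafe(conn, edge):
    """Weak pattern: the caller-supplied value is spliced into the SQL text,
    so a quote in the input changes the query structure instead of the data."""
    sql = f"SELECT id, dest, bytes FROM flow_stats WHERE edge = '{edge}'"
    return conn.execute(sql).fetchall()


def flows_for_edge_safe(conn, edge):
    """Hardened pattern: validate the input, then bind it as a parameter so the
    database driver always treats it as a literal value, never as SQL."""
    if not validate_edge_id(edge):
        raise ValueError("invalid edge identifier")
    sql = "SELECT id, dest, bytes FROM flow_stats WHERE edge = ?"
    return conn.execute(sql, (edge,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(flows_for_edge_safe(db, "edge-a"))  # only edge-a's rows
    # A value containing a quote is refused before it reaches the database.
    try:
        flows_for_edge_safe(db, "edge-a' OR '1'='1")
    except ValueError as exc:
        print("rejected:", exc)
```

The two defences are independent: parameter binding alone already prevents the injected text from altering the query, and the allow-list additionally rejects malformed identifiers early, which gives a clean point at which to log and alert on suspicious input.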
Impact: An attacker could craft SQL queries and obtain data to which they are not privileged.
Official announcement – https://www.vmware.com/security/advisories/VMSA-2020-0016.html