VMware NSX
cpe:2.3:a:vmware:nsx_data_center:*:*:*:*:*:*:*
- ~4.2
- ~4.2.1
- ~4.1
- ~4.0
A stored Cross-Site Scripting (XSS) vulnerability has been identified in VMware NSX, specifically in the router port component. This vulnerability arises from improper input validation, allowing malicious actors to inject code that is executed when the router port is accessed. The issue affects VMware NSX versions 4.1.x, 4.2.1.x, 4.2.x, as well as NSX-T 3.2.x, VMware Cloud Foundation 5.1.x, 5.0.x, 5.2.x, and VMware Telco Cloud Platform and Infrastructure versions 2.x and 3.x.
Exploitation of this vulnerability allows for stored Cross-Site Scripting, where injected scripts are executed in the context of the user viewing the affected router port.
Users can upgrade to VMware NSX versions 4.2.2.1, 4.2.1.4, or 4.1.2.6. NSX-T users should upgrade to version 3.2.4.2. VMware Cloud Foundation 5.2.x users can apply an asynchronous patch to NSX version 4.2.2.1, while those on versions 5.1.x or 5.0.x should patch to NSX version 4.1.2.6. VMware Telco Cloud Platform and Infrastructure users can refer to Broadcom Knowledge Base article KB396986 for guidance.