Full Report
VMware security advisory (AV26-221)
Analysis Summary
# Vulnerability: Critical Flaws in VMware Tanzu Valkey
## CVE Details
*Note: While the advisory (AV26-221) indicates critical vulnerabilities, specific CVE identifiers were not enumerated in the summary provided by the Canadian Centre for Cyber Security. Users must cross-reference Broadcom’s security portal for the individual CVE IDs associated with these releases.*
- **CVE ID:** Pending/Multiple (Refer to Broadcom Support)
- **CVSS Score:** Critical (Likely 9.0 - 10.0 based on advisory classification)
- **CWE:** Not specified in the summary.
## Affected Systems
- **Products:**
  - VMware Tanzu Valkey on Kubernetes
  - VMware Tanzu Valkey
- **Versions:**
  - Tanzu Valkey on Kubernetes: versions prior to 3.3.2
  - Tanzu Valkey: versions prior to 7.2.11, 8.0.6, 8.1.5, and 9.0.2
- **Configurations:** Default installations of the listed Tanzu Valkey versions.
## Vulnerability Description
The CCCS bulletin does not describe the underlying flaws (for example, whether they are memory-safety or injection issues). "Critical" ratings in this product category typically involve Remote Code Execution (RCE), authentication bypass, or unauthorized access to data stored within the Valkey (Redis-compatible) key-value store.
## Exploitation
- **Status:** Not explicitly stated as exploited in the wild (refer to vendor advisory for updates).
- **Complexity:** Typically Low to Medium for this product class.
- **Attack Vector:** Network (Remote).
## Impact
- **Confidentiality:** High
- **Integrity:** High
- **Availability:** High
## Remediation
### Patches
VMware/Broadcom has released the following updated versions to address these vulnerabilities. Administrators should upgrade to:
- **VMware Tanzu Valkey on Kubernetes:** 3.3.2
- **VMware Tanzu Valkey:** 7.2.11
- **VMware Tanzu Valkey:** 8.0.6
- **VMware Tanzu Valkey:** 8.1.5
- **VMware Tanzu Valkey:** 9.0.2
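Because the fix lands on four separate release branches, a plain "is my version newer than X" check is not enough: 8.0.6 is patched while 8.1.4 is not. The following branch-aware check is an added example, not code from the advisory or from Broadcom; it assumes the Tanzu package version matches the engine version that `INFO server` reports (`valkey_version`, with `redis_version` as a compatibility fallback), and the sample `INFO` output is constructed.

```python
"""Branch-aware version check against the fixed Tanzu Valkey releases."""
import re
from typing import Optional

# Fixed versions from the advisory, keyed by product and release branch (major.minor).
FIXED_VERSIONS = {
    "tanzu-valkey": {
        (7, 2): (7, 2, 11),
        (8, 0): (8, 0, 6),
        (8, 1): (8, 1, 5),
        (9, 0): (9, 0, 2),
    },
    "tanzu-valkey-on-kubernetes": {
        (3, 3): (3, 3, 2),
    },
}

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[tuple]:
    """Parse 'major.minor.patch' from a version string, ignoring any suffix."""
    m = _VERSION_RE.match(text)
    return tuple(int(x) for x in m.groups()) if m else None


def assess(product: str, version: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown' for a product/version pair."""
    parsed = parse_version(version)
    if parsed is None:
        return "unknown"
    fixed = FIXED_VERSIONS[product].get(parsed[:2])
    if fixed is None:
        # A branch the advisory does not list: do not assume it is safe.
        return "unknown"
    return "patched" if parsed >= fixed else "vulnerable"


def version_from_info(info_output: str) -> Optional[str]:
    """Extract the engine version from 'INFO server' output (assumed field names)."""
    for key in ("valkey_version", "redis_version"):
        m = re.search(rf"^{key}:(\S+)", info_output, re.MULTILINE)
        if m:
            return m.group(1)
    return None


# Constructed sample of 'INFO server' output, not captured from a real host.
SAMPLE_INFO = "# Server\r\nvalkey_version:8.0.5\r\nredis_version:7.2.4\r\nos:Linux\r\n"

if __name__ == "__main__":
    found = version_from_info(SAMPLE_INFO)
    print(found, assess("tanzu-valkey", found))  # 8.0.5 vulnerable
```

For the Kubernetes distribution the engine version is not the package version; check the deployed chart or operator release against 3.3.2 instead.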
### Workarounds
No specific workarounds were provided in the summary. General best practices include:
- Restricting network access to Valkey instances using firewalls/ACLs.
- Ensuring strong authentication is enabled for all database instances.
## Detection
- **Indicators of Compromise:** Monitor for unusual network traffic on Valkey/Redis default ports or unauthorized administrative commands.
- **Detection methods and tools:** Utilize vulnerability scanners updated with the latest definitions for Broadcom/VMware Tanzu products.
## References
- **Vendor Advisory:** hxxps[://]support[.]broadcom[.]com/web/ecx/security-advisory?segment=VT
- **Source Bulletin:** hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/vmware-security-advisory-av26-221