{"id":10709,"date":"2022-05-23T14:25:17","date_gmt":"2022-05-23T11:25:17","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10709"},"modified":"2022-05-23T14:25:17","modified_gmt":"2022-05-23T11:25:17","slug":"critical-vulnerabilities-in-vmware-products","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/critical-vulnerabilities-in-vmware-products\/10709\/",
"title":{"rendered":"The US Department of Homeland Security recommends patching VMware products; you most likely should follow that advice too"},
"content":{"rendered":"<p>On May 18, VMware patched <a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2022-0014.html\" target=\"_blank\" rel=\"noopener nofollow\">two vulnerabilities<\/a> in its products: <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-22972\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-22972<\/a> and <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-22973\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-22973<\/a>. How serious the problem is can be judged from this: on the same day, the US Department of Homeland Security issued a <a href=\"https:\/\/www.cisa.gov\/emergency-directive-22-03\" target=\"_blank\" rel=\"noopener nofollow\">directive<\/a> requiring all Federal Civilian Executive Branch agencies to close these vulnerabilities within five days, either by installing the patches or, where that is not possible, by removing the VMware products from the agency network. Under the circumstances, following the lead of the US government agencies and <a href=\"https:\/\/kb.vmware.com\/s\/article\/88438\" target=\"_blank\" rel=\"noopener nofollow\">installing the patches<\/a> immediately looks like the sensible choice.<\/p>\n<h2>What are the vulnerabilities?<\/h2>\n<p>The vulnerabilities affect five of the company's products: VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation and vRealize Suite Lifecycle Manager.<\/p>\n<p>The first vulnerability, CVE-2022-22972, rated 9.8 on the CVSS scale, looks particularly dangerous. Exploiting it can allow attackers to obtain administrator rights in the system without authentication.<\/p>\n<p>The second vulnerability, CVE-2022-22973, concerns privilege escalation. To use it, attackers must already hold some rights in the system, which is why its severity, 7.8 on the CVSS scale, is somewhat lower than the other one. This bug should still be taken seriously, however, because attackers who exploit it can escalate their privileges in the system all the way to root.<\/p>\n<p>You can find more information on the <a href=\"https:\/\/core.vmware.com\/vmsa-2022-0014-questions-answers-faq\" target=\"_blank\" rel=\"noopener nofollow\">official FAQ page on the subject<\/a>.<\/p>\n<h2>The real severity of CVE-2022-22973 and CVE-2022-22972<\/h2>\n<p>VMware and CISA experts have not yet encountered real-world exploitation of these vulnerabilities. There is, however, a reason behind CISA's emergency directive: in April, 48 hours after VMware closed several vulnerabilities in the same products, attackers began exploiting them (on servers where the VMware software had not yet been patched). In other words, in a comparable situation attackers started exploiting the vulnerabilities in under two days, and a repeat is feared.<\/p>\n<p>Moreover, CISA experts believe that someone could chain these two new vulnerabilities with some of the April ones (in particular <a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2022-0011.html\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-22954 and CVE-2022-22960<\/a>) to carry out complex targeted attacks. That is why they are requiring all federal agencies to close these vulnerabilities by 5:00 PM Eastern Time on May 23, 2022.<\/p>\n<h2>How to prevent exploitation of the vulnerabilities in VMware products<\/h2>\n<p>VMware recommends first upgrading all vulnerable software to supported versions and then installing the patches. You can check the current versions on the <a href=\"https:\/\/lifecycle.vmware.com\/#\/\" target=\"_blank\" rel=\"noopener nofollow\">VMware Product Lifecycle Matrix page<\/a>. It is advisable to make a backup, or take a snapshot of the programs that need updating, before installing. The patches and installation tips are available in the <a href=\"https:\/\/kb.vmware.com\/s\/article\/88438\" target=\"_blank\" rel=\"noopener nofollow\">VMware Knowledge Base<\/a>.<\/p>\n<p>On top of all this, remember that you need to install reliable security solutions on every information system with internet access. For virtual environments, <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/virtualization-hybrid-cloud?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____khcs___\" target=\"_blank\" rel=\"noopener\">dedicated protection<\/a> should be used.<\/p>\n<p>As an additional layer of protection, it is also worth using <a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/endpoint-detection-response-edr?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">solutions<\/a> that let you monitor activity in the infrastructure and detect signs of malicious intrusion before attackers do real damage.<\/p>\n","protected":false},
"excerpt":{"rendered":"<p>The US Department of Homeland Security has asked federal agencies to &#8220;patch or remove&#8221; a number of VMware products within five days. You most likely should comply too.<\/p>\n","protected":false},
"author":2706,"featured_media":10710,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1351],"tags":[2158,1886,790,2395],"class_list":{"0":"post-10709","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-threats","10":"tag-0-gun","11":"tag-guncellemeler","12":"tag-guvenlik-aciklari","13":"tag-vmware"},
"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/critical-vulnerabilities-in-vmware-products\/10709\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/critical-vulnerabilities-in-vmware-products\/24196\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/critical-vulnerabilities-in-vmware-products\/19678\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/critical-vulnerabilities-in-vmware-products\/26521\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/critical-vulnerabilities-in-vmware-products\/24477\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/critical-vulnerabilities-in-vmware-products\/24827\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/critical-vulnerabilities-in-vmware-products\/27192\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/critical-vulnerabilities-in-vmware-products\/26724\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/critical-vulnerabilities-in-vmware-products\/33208\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/critical-vulnerabilities-in-vmware-products\/44390\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/critical-vulnerabilities-in-vmware-products\/18930\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/critical-vulnerabilities-in-vmware-products\/19478\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/critical-vulnerabilities-in-vmware-products\/28623\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/critical-vulnerabilities-in-vmware-products\/28291\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/critical-vulnerabilities-in-vmware-products\/25059\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/critical-vulnerabilities-in-vmware-products\/30559\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/critical-vulnerabilities-in-vmware-products\/30308\/"}],
"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"vulnerabilities"},
"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10709"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10709\/revisions"}],"predecessor-version":[{"id":10711,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10709\/revisions\/10711"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10710"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}