Share
## https://sploitus.com/exploit?id=SAINT:EE84144729029592A2299C421448AC44
Added: 10/31/2022  


### Background

VMware Cloud Foundation is a hybrid cloud platform. 

### Problem

An XStream deserialization vulnerability in the NSM Manager component of VMware Cloud Foundation (NSX-V) allows a remote attacker to execute arbitrary commands. 

### Resolution

Apply the patch referenced in VMSA-2022-0027. 

### References

https://www.vmware.com/security/advisories/VMSA-2022-0027.html   
https://srcincite.io/blog/2022/10/25/eat-what-you-kill-pre-authenticated-rce-in-vmware-nsx-manager.html