Definition

Cloudburst VM escape

TechTarget Contributor

By

TechTarget Contributor

Cloudburst virtual machine escape is an exploit method that enables a guest-level virtual machine (VM) to attack its host. The method takes advantage of a flaw in VMware Workstation working in conjunction with Cloudburst, IBM's cloud service provisioning software for cloud providers.

In a virtual machine escape, an attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. A VM escape gives the attacker access to the host operating system and all other virtual machines running on that host.

Research firm Kostya Kortchinsky Immunity Inc. developed the Cloudburst VM escape method.

This was last updated in April 2012

Dig Deeper on Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection

SearchSecurity

How to start implementing passwordless authentication today
Everyone is tired of passwords, but a truly passwordless world isn't quite there yet. Learn what options companies currently have...
5 infosec predictions for 2022
If the predictions are correct, 2022 will be another groundbreaking year for information security. Have a look at the security ...
Top cloud security standards and frameworks to consider
Cloud security standards and frameworks are key to securing systems and maintaining privacy. Read up on available options and ...

SearchCloudComputing

PaaS and containers: Key differences, similarities and uses
There are pros and cons to both PaaS and containers. Which to use for application deployment depends on an organization's ...
How to choose a PaaS or IaaS that aligns with DevOps
There are benefits and drawbacks to using PaaS or IaaS as part of your DevOps strategy; the key is to pick a model that will be ...
Weigh the benefits and drawbacks of a hybrid data warehouse
Among other benefits, a hybrid cloud data warehouse can offer enhanced flexibility and scalability, as well as on-demand access ...

SearchAWS

In search of AWS Solutions Architect preparation?
Think you're ready for the AWS Certified Solutions Architect certification exam? Test your knowledge with these 12 questions, and...
Experts raise privacy concerns over Amazon fleet surveillance
Amazon said its van monitoring system is designed solely for driver safety. But many industry experts have concerns regarding the...
Here's why Amazon's global expansion won't come easy
Amazon would like to strengthen its global footprint, but the e-commerce giant faces roadblocks and challenges today that did not...

SearchServerVirtualization

Raghu Raghuram shares VMware's plan for the multi-cloud era
In anticipation of increasingly diverse corporate computing environments, VMware CEO Raghu Raghuram is prepared to deliver the ...
Low-cost virtualization courses to build your VMware skills
Online courses are a great option for professional development, but they can be costly. Options from Udemy, LinkedIn and Global ...
Your starter guide to Docker troubleshooting
Though containers bring a lot of benefits, no container engine is perfect. Get an idea of what Docker troubleshooting involves, ...

SearchVMware

What to know about VMware cloud repatriation options
Businesses might seek to move data from VMware Cloud on AWS back on premises for a handful of reasons. Consider the various ...
VMware disaster recovery best practices for enhanced security
VMware DR ensures your workloads remain secure and online in the event of a disaster. You can use best practices, such as ...
VCF 4.3 focuses on security vulnerability elimination
VMware's updates to its VCF product include additional security measures, such as FIPS support, as well as improvements to its ...

ComputerWeekly.com

Tinder algorithm charging users more based on age
Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set ...
CTO interview: James Donkin, Ocado Technology
Ocado is a cloud-first business and develops its own software cloud-natively, but some things need to be processed on-premise or ...
UKCloud acquired: Troubled government cloud provider receives funding lifeline
UKCloud has declined to reveal the terms of its acquisition by an investment company run by its own chairman, prompting questions...

Close