VMware has identified a security thread within vCenter. An upload vulnerability in vCenter’s Analytics service allows attackers to run arbitrary code on vulnerable servers. On a scale of 1 to 10 in terms of impact, the vulnerability, CVE-2021-22005, is rated 9.8. “The implications of this vulnerability are serious and it will only be a matter of time, probably minutes after the announcement, before working exploits appear,” VMware said on September 21. The thread has been registered by VMware under VMSA-2021-0002.
Lees verder →