Download Certificate- CMOs | ECIO | Most Admired Brand | Most Trusted Company

VMware alerts of critical bug in default vCenter Server installs


By MYBRANDBOOK


VMware alerts of critical bug in default vCenter Server installs

Customers are warned by VMware to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments.

 

vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

 

“This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” said Bob Plankers, Technical Marketing Architect at VMware.

 

The security flaw - tracked as CVE-2021-22005 and with a CVSS 3.1 severity rating of 9.8/10 - can be exploited by attackers to execute commands and software on unpatched vCenter Server deployments by uploading a specially crafted file.

 

This bug was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC, and it can be exploited by unauthenticated attackers remotely in low complexity attacks that don’t require user interaction.

 

“The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service,” VMware explains in the security advisory. “A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.”

 

According to the company, patching this vulnerability should be added to the top of any IT admin’s task list, given that working exploits will likely surface right after the bug’s disclosure.

 

VMware said, “Immediately, the ramifications of this vulnerability are serious and it is a matter of time – likely minutes after the disclosure – before working exploits are publicly available. With the threat of ransomware looming nowadays the safest stance is to assume that an attacker may already have control of a desktop and a user account through the use of techniques like phishing or spearphishing, and act accordingly. This means the attacker may already be able to reach vCenter Server from inside a corporate firewall, and time is of the essence.”
 BREAKING NEWS  BREAKING NEWS
Telecom operators write to DoT seeking ban on illegal WiFi device

Telecom operators write to DoT seeking ban on illegal WiFi device...

In a move that may see the widening of the gulf between telecom operators a...

Google lays off employees from Flutter, Dart and Python teams

Google lays off employees from Flutter, Dart and Python teams...

Google has laid off staff across key teams like Flutter, Dart, Python and...

Apple in talks to include OpenAI's generative AI tech in upcoming

Apple in talks to include OpenAI's generative AI tech in upcoming...

Apple has renewed talks with Sam Altman-led OpenAI about using its gener...

RBI criticizes TalkCharge and warns users for operating unauthori

RBI criticizes TalkCharge and warns users for operating unauthori...

Recently, the Reserve Bank of India warned the public about the risks reg...

 TECHNO TRENDS  Placeholder image
Google Play Store will now let users download two apps simulta

Google Play Store will now let users download two apps simulta

Google Play Store now lets users download two apps simultaneously. While a...

Google Pay has added

Google Pay has added "Open Wallet" shortcut

With the introduction of the "Open Wallet" shortcut, Google Pay has impro...

TRAI targets to finalise National Broadcast Policy by May-end

TRAI targets to finalise National Broadcast Policy by May-end

The Telecom Regulatory Authority of India will finalise the National Broa...

TAC Security becomes Cyber Security Assessor for the App Defen

TAC Security becomes Cyber Security Assessor for the App Defen

The cybersecurity company, TAC Security has been selected as a key Cyber ...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

Salman Khan trolled for singing with B Praak at Anant Ambani's

Salman Khan trolled for singing with B Praak at Anant Ambani's

To celebrate Mukesh Ambani's youngest son Anant Ambani’s 29th birthday

Disney+ Hotstar wins the Best OTT Platform of the year

Disney+ Hotstar wins the Best OTT Platform of the year

Film Critics Guild and Group M Motion Entertainment, in collaboration with

 MOVERS & SHAKERS  Placeholder image
DigiCert names Atri Chatterjee as CMO

DigiCert names Atri Chatterjee as CMO

Amagi names its Chief Product Officer

Amagi names its Chief Product Officer

Amagi announced the appointment of Richard Perkett as its Chief Product Of
Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium, the leader in real-time cross-border payments, today announced the ap
 OPEN YOUR EYES  Placeholder image

Digital economy is at risk with the growing cyber attacks
It is time to protect your critical business priorities from attackers
The rise in internet usage has opened the doors to conduct cyber-attacks
Capitalising on agility to win the digital banking competition
The demand for touch-less services are on huge demand
 INTERVIEWS  Placeholder image
Fortinet leading the charge towards networking and security co

Fortinet leading the charge towards networking and security co

Making security more accessible, CP PLUS stands unrivaled as a

Making security more accessible, CP PLUS stands unrivaled as a

The topmost priority of CP Plus is to establish a dedicated R&D Hub in Indi
IceWarp positioning itself as a disruptor in the Email and col

IceWarp positioning itself as a disruptor in the Email and col

Post pandemic, the digital evolution has evolved. With most organizations a
 HOT PICK  Placeholder image
Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

COLORFUL rolls out an array of gaming laptops

COLORFUL rolls out an array of gaming laptops

COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop
Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap
 MAKE IN INDIA BRANDS   Placeholder image
WIPRO LTD.  

WIPRO LTD.  


MATRIX COMSEC PVT. LTD. 

MATRIX COMSEC PVT. LTD. 


LAVA INTERNATIONAL LTD.  

LAVA INTERNATIONAL LTD.  


QUICK HEAL TECHNOLOGIES PVT. Ltd.

QUICK HEAL TECHNOLOGIES PVT. Ltd.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

Staying updated with emerging technologies leads to business growth

Comprise all endpoint devices, such as desktop sys...

Digital transformation with customer centricity has helped Lenskart rule the market

We continually innovate in bringing secure digital...

With a planned agenda and strategic move enhancing the business growth 

Being a CISO I am setting up clear goals on a quar...

 ICONS OF INDIA  Placeholder image

Technology Icons Of India 2023: Sachin Bansal

Sachin Bansal’s fintech startup, Navi Technologies, simplifies loan ...

Technology Icons Of India 2023: Sunil Bharti Mittal

Sunil Bharti Mittal is the Founder and Chairman of Bharti Enterprises,...

Technology Icons Of India 2023: Dr. P D Vaghela

Dr PD Vaghela serves as the Chairperson of Telecommunications Regulato...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Creating a valuable and profitable long term business relationship to scale business growth

iValue is the center of the ecosystem, where it connects its channel partners ...

Iris Global Services prides itself in prioritizing customer’s needs and overcoming IT challenges

Considering India’s fast-growing economy, the future of the Indian IT indust...

BM Infotrade prioritising digital transformation and CX, while fostering innovation and agility

Undoubtedly people tend to resist the change and find it difficult to adapt to...

 PSU  Placeholder image

DRDO is India's largest and most diverse research organisation 

DRDO is the R&D wing of Ministry of Defence, Govt of India, with a vis...

Leading company into fertilizers in the country 

NFL is a dynamic organization committed to serve the farming community...

ECIL continues to keep India ahead in the growth of Information Technology and Electronics  

ECIL played a very significant role in the training and growth of high...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2023 : Dell Technologies India Pvt. Ltd.    

Dell Technologies helps organizations and individuals build their digital futu...

Most Trusted Brands 2023 : Hewlett Packard Enterprise India Pvt. Ltd.  

Hewlett Packard Enterprise is the global edge-to-cloud company with offerings ...

Most Trusted Brands 2023 : IBM India Pvt. Ltd.

One of the world’s oldest and largest technology companies, IBM is credited ...

 Value-Added Distribution  Value-Added Distribution

EXCLUSIVE NETWORKS SALES INDIA PVT. LTD.

Exclusive Networks is a globally trusted cybersecurity specialist hel...

ADITYA INFOTECH LTD.

Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...

NETPOLEON SOLUTIONS

Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...

 ITFORUM 2024  
 WIITF 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 EMINENT CIO's OF INDIA   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
 TECHNOLOGY DISRUPTION Placeholder image

Zebra Technologies collaborates with Qualcomm to demonstrate Generative AI on its devices

Zebra Technologies collaborates with Qualcomm to demonstrate Generative AI on its devices

Smart Badges Market

Smart Badges Market

JP Morgan to hire Indian techies mostly in AI & ML

JP Morgan to hire Indian techies mostly in AI & ML

Comviva partners with XoXoday to revolutionize loyalty experiences

Comviva partners with XoXoday to revolutionize loyalty experiences

 UNICORNS REVOLUTIONISING Placeholder image

Coforge Limited

Coforge Limited

Freshworks Inc.

Freshworks Inc.

A&A DUKAAN FINANCIAL SERVICES PRIVATE LIMITED

A&A DUKAAN FINANCIAL SERVICES PRIVATE LIMITED

NoBroker Technologies Solutions Private Limited

NoBroker Technologies Solutions Private Limited


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW