VMware alerts of critical bug in default vCenter Server installs
By MYBRANDBOOK
VMware is warning customers to immediately patch a critical arbitrary file upload vulnerability in the Analytics service that affects all appliances running default vCenter Server 6.7 and 7.0 deployments.
vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.
“This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” said Bob Plankers, Technical Marketing Architect at VMware.
The security flaw, tracked as CVE-2021-22005 and rated 9.8/10 on the CVSS 3.1 scale, can be exploited by attackers to execute code on unpatched vCenter Server appliances by uploading a specially crafted file.
The bug was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC. It can be exploited remotely by unauthenticated attackers in low-complexity attacks that require no user interaction.
“The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service,” VMware explains in the security advisory. “A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.”
According to the company, patching this vulnerability belongs at the top of any IT admin's task list, because working exploits are likely to surface shortly after the bug's disclosure.
VMware said, “Immediately, the ramifications of this vulnerability are serious and it is a matter of time – likely minutes after the disclosure – before working exploits are publicly available. With the threat of ransomware looming nowadays the safest stance is to assume that an attacker may already have control of a desktop and a user account through the use of techniques like phishing or spearphishing, and act accordingly. This means the attacker may already be able to reach vCenter Server from inside a corporate firewall, and time is of the essence.”