Immediately after the public release of the exploit code for the VMware vCenter CVE-2021-22005 flaw threat actors started using it.
Researchers warn that immediately after the release of the exploit code for the recently addressed CVE-2021-22005 flaw in VMware vCenter threat actors started using it.
The CVE-2021-22005 issue is a critical arbitrary file upload vulnerability that impacts appliances running default vCenter Server 6.7 and 7.0 deployments.
vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location.
The vulnerability is due to the way it handles session tokens.
“VMware has released patches that address a new critical security advisory, VMSA-2021-0020. This needs your immediate attention if you are using vCenter Server.” reads the advisory published by the virtualization giant. “The VMSA outlines a number of issues that are resolved in this patch release. The most urgent addresses CVE-2021-22005, a file upload vulnerability that can be used to execute commands and
Read the article