Download Certificate- Most Promising Partner | ECIO | Most Admired Brand | Most Trusted Company

VMware alerts of critical bug in default vCenter Server installs


By MYBRANDBOOK


VMware alerts of critical bug in default vCenter Server installs

Customers are warned by VMware to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments.

 

vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

 

“This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” said Bob Plankers, Technical Marketing Architect at VMware.

 

The security flaw - tracked as CVE-2021-22005 and with a CVSS 3.1 severity rating of 9.8/10 - can be exploited by attackers to execute commands and software on unpatched vCenter Server deployments by uploading a specially crafted file.

 

This bug was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC, and it can be exploited by unauthenticated attackers remotely in low complexity attacks that don’t require user interaction.

 

“The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service,” VMware explains in the security advisory. “A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.”

 

According to the company, patching this vulnerability should be added to the top of any IT admin’s task list, given that working exploits will likely surface right after the bug’s disclosure.

 

VMware said, “Immediately, the ramifications of this vulnerability are serious and it is a matter of time – likely minutes after the disclosure – before working exploits are publicly available. With the threat of ransomware looming nowadays the safest stance is to assume that an attacker may already have control of a desktop and a user account through the use of techniques like phishing or spearphishing, and act accordingly. This means the attacker may already be able to reach vCenter Server from inside a corporate firewall, and time is of the essence.”
 BREAKING NEWS  BREAKING NEWS
Elon Musk Merges X with xAI in $33 Billion Stock Deal

Elon Musk Merges X with xAI in $33 Billion Stock Deal...

Elon Musk has made waves once again by merging X (formerly Twitter) with...

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu...

The scheme aims to attract an investment of INR 59,350 Cr, resulting in pro...

Govt Drops Import Duty making EV Batteries cheaper

Govt Drops Import Duty making EV Batteries cheaper...

The Centre is taking measures to counter the impact of US President Donald ...

CERT-In’s New Advisory Unveils Hidden Cyber Threats

CERT-In’s New Advisory Unveils Hidden Cyber Threats...

The advisory highlights critical vulnerabilities in AI models, outlines mul...

 TECHNO TRENDS  Placeholder image
Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

The outcome of the legal dispute between X Corp and the Indian government c...

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

The agreement, executed through Wipro and its 100% subsidiary,...

Centre announces that DPDP Rules nearing Finalisation by April

Centre announces that DPDP Rules nearing Finalisation by April

The government seeks to refine the rules for robust data protection, ensuri...

Home Ministry cracks down on PoS agents in digital arrest scam

Home Ministry cracks down on PoS agents in digital arrest scam

Digital arrest scams are a growing cybercrime where victims are coerced or ...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

Hrithik Roshan to endorse RuPay as Brand Ambassador

Hrithik Roshan to endorse RuPay as Brand Ambassador

RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha
India Today Group launches – AI Pop Stars

India Today Group launches – AI Pop Stars

Staying true to our industry leadership position in using cutting-edge tech
 MOVERS & SHAKERS  Placeholder image
Cloudflare Promotes Goran Risticevic as VP & MD for APAC

Cloudflare Promotes Goran Risticevic as VP & MD for APAC

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE
Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s
 OPEN YOUR EYES  Placeholder image

Tools and technologies are being used for Remote Work and Collaboration Teams
A question arises on how would be the future of the workplace?
Artificial Intelligence and Cyber-security are key pillars of Digitization
COVID-19 Crisis Leads To Rising Growth Of Enterprise Collaboration Market
No road block for the cyber espionage cases
 INTERVIEWS  Placeholder image
Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

Alpha Max offers high end solutions in the network space to en

Alpha Max offers high end solutions in the network space to en

The vision at Alpha Max is to attain quality as the trademark and create a

Delivering Critical Business Communication Solutions to Enterp

Delivering Critical Business Communication Solutions to Enterp

Arya Omnitalk and Syntel’s comprehensive suite of solutions and more than
 HOT PICK  Placeholder image
ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

MSI Announces the availability of RTX 50 series of laptops in

MSI Announces the availability of RTX 50 series of laptops in

MSI, the innovative computing manufacturer in gaming, creator
Nothing Phone (3a) goes on sale today, starting at Rs 19,999

Nothing Phone (3a) goes on sale today, starting at Rs 19,999

The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t
 MAKE IN INDIA BRANDS   Placeholder image
STERLITE TECHNOLOGIES LTD.

STERLITE TECHNOLOGIES LTD.


HP INDIA SALES PVT. LTD.

HP INDIA SALES PVT. LTD.


DELL TECHNOLOGIES INDIA PVT. LTD.

DELL TECHNOLOGIES INDIA PVT. LTD.


SAMRIDDHI AUTOMATIONS PVT. LTD.

SAMRIDDHI AUTOMATIONS PVT. LTD.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

AI AND DATA ANALYTICS REVOLUTIONIZING HEALTHCARE SERVICES

...

STRATEGIC FRAMEWORK FOR SUSTAINABLE BUSINESS EXPANSION IS PATHWAY TO PROSPERITY

Accelerate the adoption of AI and machine learning...

AIM TO PUT IA SOLUTIONS WITH A WIDE “GENERAL INTELLIGENCE” SCOPE INTO PRACTICE

Our firm is fortunate to be led by distinguished i...

 ICONS OF INDIA  Placeholder image

Icons Of India : Debjani Ghosh

Debjani Ghosh is the President of the National Association of Software...

ICONS OF INDIA : RAJESH NAMBIAR

Rajesh leads the company’s India associates and enhances relationshi...

ICONS OF INDIA : SANJAY GUPTA 

Sanjay Gupta is the Country Head and Vice President of Google India an...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

A Trusted IT Partner Renowned For Reliability, Expertise, and Customer-Centricity

Fast paced changes in digital technology and constant innovations are impactin...

Constantly Modifying Services And Strategies To Remain Pertinent And Competitive

The company conducts regular audits and reviews of its brand communication eff...

A "Make in India" brand dedicated to offer high quality communication products

For any brand to be successful, it is crucial that it understands the market d...

 PSU  Placeholder image

STPI - Software Technology Parks of India 

STPI promotes and facilitates the growth of the IT and ITES industry i...

DRDO - Defence Research and Development Organisation 

DRDO responsible for the development of technology for use by the mili...

NIC - National Informatics Centre  

NIC serves as the primary IT solutions provider for the government of ...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2024 : ACCENTURE PLC

Accenture is renowned for its commitment to technological innovation. It inves...

Most Trusted Brands 2024: Infosys Ltd.

Infosys, leverages emerging technologies and digital capabilities to help clie...

Most Trusted Brands 2024: TATA CONSULTANCY SERVICES LTD. (TCS)

TCS, a global leader in IT services, consulting, and business solutions, has b...

 Global Indian industry   Value-Added Distribution

Indian Tech Talent Excelling The Tech World - RAVI KUMAR S, CEO- Cognizant

Ravi Kumar S, appointed as CEO of Cognizant in January 2023, sets the ...

Indian Tech Talent Excelling The Tech World - Sanjay Mehrotra, CEO- Micron Technology

Sanjay Mehrotra, the President and CEO of Micron Technology, is at the...

Indian Tech Talent Excelling The Tech World - Sundar Pichai, CEO- Alphabet Inc.

Sundar Pichai, the CEO of Google and its parent company Alphabet Inc.,...

 ITFORUM 2025  
 STARNITE AWARDS 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 IMAGE GALLERY   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook
 TECHNOLOGY DISRUPTION Placeholder image

IBM Consulting opens new Client Innovation Centers in Kochi and Coimbatore

IBM Consulting opens new Client Innovation Centers in Kochi and Coimbatore

Web3 and NFTs will continue to evolve for creating new marketplaces

Web3 and NFTs will continue to evolve for creating new marketplaces

Tech Mahindra partners with IQM Quantum Computers for research in Quantum Computing

Tech Mahindra partners with IQM Quantum Computers for research in Quantum Computing

Genrobotics wins NASSCOM Emerge 50 Award for G Gaiter AI-based Robotic Gait Trainer

Genrobotics wins NASSCOM Emerge 50 Award for G Gaiter AI-based Robotic Gait Trainer

 UNICORNS REVOLUTIONISING Placeholder image

MOGLI LABS PRIVATE LIMITED

MOGLI LABS PRIVATE LIMITED

Eruditus Executive Education

Eruditus Executive Education

ANI Technologies Pvt. Ltd.

ANI Technologies Pvt. Ltd.

Acko General Insurance

Acko General Insurance


Copyright www.mybrandbook.co.in @1999-2025 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
of images belongs to the respective copyright holders
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

EXPLORE THE NEW BRAND BOOK
CONTACT US

SUBSCRIBE NOW