TT-CSIRT-397.27.09.21: TTCSIRT ADVISORY – VMware vCenter Server Vulnerability Under Active Exploit
VMware has disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. VMware confirmed reports that CVE-2021-22005 is being exploited in the wild. Security researchers are also reporting mass […]