VMware has disclosed a critical arbitrary file upload vulnerability in the Analytics service of vCenter Server, affecting all vCenter Server 6.7 and 7.0 deployments (vCenter Server 6.5 is not affected). “This vulnerability can be exploited by anyone who can access the vCenter Server over the network to gain access regardless of the vCenter Server’s configuration settings,” said Bob Plankers, VMware technical marketing manager. The vulnerability, tracked as CVE-2021-22005 and rated 9.8/10 on the CVSS 3.1 scale, could be exploited by an attacker with network access to the vCenter Server to upload a specially crafted file and thereby execute arbitrary commands and software on unpatched deployments. Because no authentication or particular configuration is required, any vCenter Server reachable from an untrusted network should be treated as exposed until it is patched or the workaround is applied.
Affected Systems and CVE/CWE
VMware states that the following product is affected:
- VMware vCenter Server (6.7 and 7.0)
Solution for vCenter Server
We recommend installing the updates from the link below. Patching is the only complete fix.
Mitigation recommendations for those unable to update
For deployments that cannot be patched immediately, VMware has published a temporary workaround: apply the configuration change on the appliance and restart the affected service manually, or run the script VMware provides, which performs the same steps. The workaround only removes the exploitable entry point; it should be replaced by the update as soon as possible. You can access the details from the link below.