This article has been indexed from The Hacker News
VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server.
Tracked as CVE-2021-21985 (CVSS score 9.8), the issue stems from a lack of input validation in the Virtual SAN (vSAN) Health Check plug-in, which is enabled by default in the vCenter Server. “A malicious actor with network
Read the original article: Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!