Download Certificate- Most Promising Partner | ECIO | Most Admired Brand | Most Trusted Company

VMware alerts of critical bug in default vCenter Server installs


By MYBRANDBOOK


VMware alerts of critical bug in default vCenter Server installs

Customers are warned by VMware to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments.

 

vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

 

“This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server,” said Bob Plankers, Technical Marketing Architect at VMware.

 

The security flaw - tracked as CVE-2021-22005 and with a CVSS 3.1 severity rating of 9.8/10 - can be exploited by attackers to execute commands and software on unpatched vCenter Server deployments by uploading a specially crafted file.

 

This bug was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC, and it can be exploited by unauthenticated attackers remotely in low complexity attacks that don’t require user interaction.

 

“The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service,” VMware explains in the security advisory. “A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.”

 

According to the company, patching this vulnerability should be added to the top of any IT admin’s task list, given that working exploits will likely surface right after the bug’s disclosure.

 

VMware said, “Immediately, the ramifications of this vulnerability are serious and it is a matter of time – likely minutes after the disclosure – before working exploits are publicly available. With the threat of ransomware looming nowadays the safest stance is to assume that an attacker may already have control of a desktop and a user account through the use of techniques like phishing or spearphishing, and act accordingly. This means the attacker may already be able to reach vCenter Server from inside a corporate firewall, and time is of the essence.”
 BREAKING NEWS  BREAKING NEWS
Cisco announces AI-native secure Wi-Fi 7 for future-ready employe

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

 TECHNO TRENDS  Placeholder image
Nazara and ONDC set to transform in-game monetization with ‘

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
Eloelo teams up with Elvish Yadav for India's biggest digital

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic
Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b
 MOVERS & SHAKERS  Placeholder image
Kamal Nath quits SIFY Technologies

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ
Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this
 OPEN YOUR EYES  Placeholder image

600% increase in malicious emails during Covid-19 crisis
The dangers of phishing are becoming Top Concern for the CEOs
Waiting For A Cybersecurity disaster to happen
Opportunities For Technological Disruption In Times Of Crisis
Digital dividends becomes a challenge to the digital divides.
 INTERVIEWS  Placeholder image
In India, 88% of Indian business leaders are planning to inves

In India, 88% of Indian business leaders are planning to inves

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando stands out in the DPU (Data Processing Unit) market with its u
Acer addresses evolving customer needs by consistently pushing

Acer addresses evolving customer needs by consistently pushing

Acer offers a comprehensive range of products under one roof, including des
 HOT PICK  Placeholder image
BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit
Gigabyte X3D Turbo: A Gaming Revolution

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr
 MAKE IN INDIA BRANDS   Placeholder image
ALPHAMAX TECHNOLOGIES PVT. LTD.

ALPHAMAX TECHNOLOGIES PVT. LTD.


WIPRO LTD.

WIPRO LTD.


TVS ELECTRONICS LTD.

TVS ELECTRONICS LTD.


TALLY SOLUTIONS PVT. LTD.

TALLY SOLUTIONS PVT. LTD.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

AIM TO PUT IA SOLUTIONS WITH A WIDE “GENERAL INTELLIGENCE” SCOPE INTO PRACTICE

Our firm is fortunate to be led by distinguished i...

STRATEGIC FRAMEWORK FOR SUSTAINABLE BUSINESS EXPANSION IS PATHWAY TO PROSPERITY

Accelerate the adoption of AI and machine learning...

HARNESSING THE POWER OF BIG DATA TO GAIN VALUABLE INSIGHTS

A Technology certainly drives innovation and busin...

 ICONS OF INDIA  Placeholder image

Icons Of India : Puneet Chandok

Puneet Chandok is President, Microsoft India & South Asia and is respo...

Icons Of India : ALOK OHRIE

Alok Ohrie leads Dell Technologies’ India business, overseeing Sales...

Icons Of India : ASHISH KUMAR CHAUHAN

Ashish kumar Chauhan, an Indian business executive and administrator, ...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Innovation and Adaptability help to stay relevant

Utilizing data analytics tools, companies can track various metrics such as we...

"Keep IT Simple" with dedication to Quality

BM Infotrade prioritizes its motto of “Keep IT Simple”, with this it stand...

Gauging Brand Awareness with Data-Driven insights

Arrow PC Network utilizes data-driven insights extensively to gauge brand awar...

 PSU  Placeholder image

IREDA - Indian Renewable Energy Development Agency Limited 

IREDA is a specialized financial institution in India that facilitates...

CERT-IN - Indian Computer Emergency Response Team

CERT-In is a national nodal agency for responding to computer security...

NIC - National Informatics Centre  

NIC serves as the primary IT solutions provider for the government of ...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2024: Infosys Ltd.

Infosys, leverages emerging technologies and digital capabilities to help clie...

Most Trusted Brands 2024: DELL TECHNOLOGIES INC.

Dell Technologies has been at the forefront of developing edge computing solut...

Most Trusted Brands 2024 : Salesforce Inc.  

Salesforce prioritizes customer success and satisfaction, focusing on building...

 Global Indian industry   Value-Added Distribution

Indian Tech Talent Excelling The Tech World - Rajiv Ramaswami, President & CEO, Nutanix Technologies

Rajiv Ramaswami, President and CEO of Nutanix, brings over 30 years of...

Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design

Anirudh Devgan, the Global President and CEO of Cadence Design Systems...

Indian Tech Talent Excelling The Tech World - Aneel Bhusri, CEO, Workday

Aneel Bhusri, Co-Founder and Executive Chair at Workday, has been a le...

 STARNITE AWARDS 2024  
 ITFORUM 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 IMAGE GALLERY   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook
 TECHNOLOGY DISRUPTION Placeholder image

Data Virtualization presents a unique approach for the Enterprises

Data Virtualization presents a unique approach for the Enterprises

Genesys and Salesforce announce AI-powered customer experience solution

Genesys and Salesforce announce AI-powered customer experience solution

Property developers and tenants get next generation networking from CommScope RUCKUS and Samsung

Property developers and tenants get next generation networking from CommScope RUCKUS and Samsung

Growing acceptance of TikTok, worries Facebook and Youtube

Growing acceptance of TikTok, worries Facebook and Youtube

 UNICORNS REVOLUTIONISING Placeholder image

5ire

5ire

Delhivery Private Limited

Delhivery Private Limited

ANI Technologies Pvt. Ltd.

ANI Technologies Pvt. Ltd.

NETMEDS HEALTH PRIVATE LIMITED

NETMEDS HEALTH PRIVATE LIMITED


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW