vCenter phoned home 'customer improvement' data and opened remote code execution hole

by
from The Register on (#2KES5)
Story ImageVMware's also released first vSphere 6.5 hardening guide

Ever worried that software phoning home application performance data so vendors can learn from real-world users might become an attack vector? If so, your nightmare just came true: VMware's vCenter has just that problem, thanks to its use of the Adobe-derived open source BlazeDS messaging tool to process messages."

External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title The Register
Feed Link https://www.theregister.com/
Feed Copyright Copyright © 2025, Situation Publishing
Reply 0 comments