‘Unauthorized API’ in VMware cost management tool can be exploited to hijack appliances

by
from The Register on (#5HGAA)
Remote code execution possible on vRealize Business for Cloud - which knows a lot about your private and public platforms

VMware has admitted its vRealize Business for Cloud product includes an unauthorised VAMI API" that can be exploited to achieve remote code execution on the virtual appliance. The security flaw is rated critical, scoring 9.8 on the ten-point Common Vulnerability Scoring System....

External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title The Register
Feed Link https://www.theregister.com/
Feed Copyright Copyright © 2024, Situation Publishing
Reply 0 comments