Vulnerability in VMware product has severity rating of 9.8 out of 10

by
Dan Goodin
from Ars Technica - All content on (#5J8QQ)
caution-800x534.jpg

Enlarge (credit: Michael Theis / Flickr)

Data centers around the world have a new concern to contend with-a remote code vulnerability in a widely used VMware product.

The security flaw, which VMware disclosed and patched on Tuesday, resides in the vCenter Server, a tool used for managing virtualization in large data centers. vCenter Server is used to administer VMware's vSphere and ESXi host products, which by some rankings are the first and second most popular virtualization solutions on the market. Enlyft, a site that provides business intelligence, shows that more than 43,000 organizations use vSphere.

Serious"

A VMware advisory said that vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet. The vulnerability is tracked as CVE-2021-21985 and has a severity score of 9.8 out of 10.

Read 8 remaining paragraphs | Comments

index?i=E31A6xao5KY:7ljeCAoC6Pg:V_sGLiPB index?i=E31A6xao5KY:7ljeCAoC6Pg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments