WEB VMware vCenter Server AsyncTelemetryController Arbitrary File Write -1 (CVE-2021-22005)

Rule ID

1139779

Severity

Critical

Description

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2021-22005

CVE-2021-22017

T1210

T0866

Keywords

N/A

Date Created

2021/09/27

Last Updated

2023/03/08

This website uses cookies to ensure you get the best experience on our website.