Vulnerability
vCenter Server is VMware’s unified management utility, and it is used to handle virtual machines, various ESXi hosts, and other resources. A remote attacker can arbitrarily read files on the host by accessing the open vCenter console. You can get the management account password by reading the vCenter configuration file, and then use it to govern the vCenter platform and the virtual machine clusters it oversees.
Mitigation / Precaution
In this regard, we advise users to upgrade vCenter Server to the most recent version as soon as possible.
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
