all InfoSec news
Multiple Vulnerabilities in VMware Products Could Allow for Arbitrary Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
Multiple vulnerabilities have been discovered in VMware vCenter Server and Cloud Foundation, the most severe of which could allow for arbitrary code execution. VMware vCenter Server is the centralized management utility for VMware. VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the administrator account. An attacker could …
centralized management cloud cloud platform code code execution foundation hci hyperconverged hyperconverged infrastructure infrastructure management multi-cloud platform products server stack utility vcenter vcenter server vmware vmware cloud vmware cloud foundation vmware vcenter server vulnerabilities