Date: 2021-09-23

VMWares vCenter Server contains an RCE-vulnerability in the Analytics service. 
VMware has evaluated the severity of this issue to be in the Critical severity 
range with a maximum CVSSv3 base score of 9.8.

Patches and Workaroudns are available.
Mass-Scanning is already happening.




CVE       : CVE-2021-22005
Vendor    : VMWare
Product   : vCenter Server

Patches   : available
Exploits  : unknown


we found various IPs in your ORG/ASN,
matching criteria for possible vulnerable systems


False-Positive-Level: unlikely


please find a list of affected IPs below
and more information on that problem here:

References:

- https://www.vmware.com/security/advisories/VMSA-2021-0020.html
- https://www.tenable.com/blog/cve-2021-22005-critical-file-upload-vulnerability-in-vmware-vcenter-server
- https://twitter.com/bad_packets/status/1440893196993634307