PRIVATE_FEEDS/CVE_VULN_FEED/CVE-2021-22005-vmware_vcenter_rce/alert_text.md

Date: 2021-09-23

VMWares vCenter Server contains an RCE-vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Patches and Workaroudns are available. Mass-Scanning is already happening.

CVE : CVE-2021-22005 Vendor : VMWare Product : vCenter Server

Patches : available Exploits : unknown

we found various IPs in your ORG/ASN, matching criteria for possible vulnerable systems

False-Positive-Level: unlikely

please find a list of affected IPs below and more information on that problem here:

References:

• https://www.vmware.com/security/advisories/VMSA-2021-0020.html
• https://www.tenable.com/blog/cve-2021-22005-critical-file-upload-vulnerability-in-vmware-vcenter-server
• https://twitter.com/bad_packets/status/1440893196993634307