A vulnerability with remote code was found in a widely used VMware product on Tuesday.
The flaw is in the vCenter Server, a tool used to organize virtualization in large data centers.
The problem was found and fixed the same day.
According to a VMware advisor, vCenter machines that use standard configurations have a bug in many networks that allows malicious code to be executed.
This happens when the machines are accessible on a port that is exposed to the Internet.
The vulnerability has a severity score of 9.8 out of 10.
The vulnerability is tracked as CVE-2021-21985.
CVE-2021-21985 is the second vCenter vulnerability this year with a 9.8 rating.
vCenter versions 6.5, 6.7, and 7.10 are all affected, and users with these machines should focus on this patch.
For more information, read the original story in arstechnica.
