The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. This vulnerability impacts vCenter Server versions 6.7 and 7.0. An attacker with network access to port 443 could exploit this vulnerability by uploading a specially crafted file to execute code on vCenter Server.
Although there is no PoC at this time, ongoing scanning activity has been spotted by threat intelligence company Bad Packets and Idappcom has been able to create a traffic file and matching rule using this information.
Idappcom has created signature 8021804 along with a traffic file.
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can test your defences and report any issues. Learn more here https://www.idappcom.co.uk/traffic-iq-professional