Description
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. This vulnerability impacts vCenter Server versions 6.7 and 7.0. An attacker with network access to port 443 could exploit this vulnerability by uploading a specially crafted file to execute code on vCenter Server.
Detection
Although there is no PoC at this time, ongoing scanning activity has been spotted by threat intelligence company Bad Packets and Idappcom has been able to create a traffic file and matching rule using this information.
Coverage
Idappcom has created signature 8021804 along with a traffic file.
References
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here https://www.idappcom.co.uk/traffic-iq-professional