A vulnerability with remote code was found in a widely used VMware product on Tuesday.<\/p>\n\n\n\n
The flaw is in the vCenter Server, a tool used to organize virtualization in large data centers.<\/p>\n\n\n\n
The problem was found and fixed the same day.<\/p>\n\n\n\n
According to a VMware advisor, vCenter machines that use standard configurations have a bug in many networks that allows malicious code to be executed.<\/p>\n\n\n\n
This happens when the machines are accessible on a port that is exposed to the Internet.<\/p>\n\n\n\n
The vulnerability has a severity score of 9.8 out of 10.<\/p>\n\n\n\n
The vulnerability is tracked as CVE-2021-21985.<\/p>\n\n\n\n
CVE-2021-21985 is the second vCenter vulnerability this year with a 9.8 rating.<\/p>\n\n\n\n
vCenter versions 6.5, 6.7, and 7.10 are all affected, and users with these machines should focus on this patch.<\/p>\n\n\n