VMware this week fixed two critical vulnerabilities in jts vCenter Server, used by data centers to manage the VMware vSphere server virtualization platform.
VMware is the world’s top cloud system and service management software based on revenue, according to IDC. vSphere is used by 68 percent of companies using server virtualization, with Microsoft’s Hyper-V in second place, at 60 percent, according to a 2020 survey by Spiceworks.
This is an example of a remote code execution vulnerability, one of the OWASP top ten.
The vulnerabilities were discovered by Mikhail Klyuchnikov, senior web application security researcher at Positive Technologies.
“There is already scanning of the internet for this vulnerability,” he told DCK.