VMware’s Perfect 10 Vulnerability: Three “Simple” Steps to Admin
Cbronline | April 16, 2020
On April 9, as many were getting ready in the UK for a long Easter Bank Holiday weekend, VMware quietly pushed out a security advisory for a major vulnerability in vCenter — the centralised management utility for the server and desktop virtualisation giant’s customers. The fix was for a critical flaw that, if exploited, would give an attacker access to the crown jewels of corporate infrastructure: the bug sits at the heart of vmdir (VMware directory service), which is central to a product that manages thousands of virtual machines and virtualised hosts.