VMware.vCenter.Services.Controller.Insecure.Deserialization
Description
This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in VMware vCenter.
This vulnerability is due to insufficient validation of user-supplied data. A specially-crafted HTTP request by an attacker can lead to remote code execution.
Affected Products
VMware vCenter Server prior to 6.5 Update 3t
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.vmware.com/security/advisories/VMSA-2022-0025.html
Version Updates
Date | Version | Detail |
---|---|---|
2022-11-16 | 0.00334 |