Intrusion PreventionVMware.vCenter.vROps.Directory.Traversal
Description
This indicates an attack attempt to exploit a Directory Traversal Vulnerability in VMware vCenter Server.
This vulnerability is due to improper handling of the request parameters in the vulnerable application. A remote attacker could exploit this vulnerability by uploading a specially crafted file to the targeted server. Successful exploitation of this vulnerability could lead to arbitrary code execution on the affected system.
Affected Products
7.0 prior to 7.0 U1c
6.7 prior to 6.7 U3l
6.5 prior to 6.5 U3n
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-vcenter-server-70u1c-release-notes.html
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-67u3l-release-notes.html
https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u3n-release-notes.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-06-08 | 18.094 | Default_action:pass:drop |
| 2021-03-16 | 18.036 | Sig Added |
| 2021-03-03 | 18.028 | Sig Added |
| 2021-03-02 | 17.025 |
| ID | 49928 |
| Created | Mar 01, 2021 |
| Updated | Jun 07, 2021 |
| Risk |
|
| CVE ID | CVE-2021-21972 |
| Known Exploited | Yes |
| Exploit Prediction Score | 97.3% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Other |