VMware.VCCM.ImageUploadServlet.Arbitrary.File.Upload
Description
This indicates an attack attempt against an Arbitrary File Upload vulnerability in VMware vCenter Chargeback Manager.
The vulnerability is caused by an design flaw in the ImageUploadServlet when the vulnerable software handles a unauthenticated file upload. It allows a remote attacker to upload an arbitrary file onto vulnerable systems.
Affected Products
VMWare vCenter Chargeback Manager 2.0.1
VMWare vCenter Chargeback Manager 2.0
VMWare vCenter Chargeback Manager 1.6.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://downloads.vmware.com/d/info/it_business_management/vmware_vcenter_chargeback/2_5
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |