VMware vCenter Unauthenticated Arbitrary File Read Vulnerability Alert

On October 13, 2020, @ptswarm published a notice of an unauthenticated arbitrary file read in VMware vCenter Server. A remote attacker who can reach the vCenter web interface over the network can read arbitrary files from the vCenter host without logging in. Reading vCenter's configuration files yields the credentials of the management account, which is enough to take over the vCenter platform and every virtual machine cluster it manages.

Vulnerability Detail

Under a specific path of the vCenter web service there is an externally controllable parameter whose value is used as a file path without validation. Supplying any file path as its value returns the contents of that file in the response. The notice does not name the endpoint or the parameter; from the defender's side, the observable symptom is a request whose query parameter carries an absolute path or a directory traversal sequence.
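The following is an added example for this alert, not code from @ptswarm or VMware. Because the alert does not disclose the vulnerable endpoint, it does not match on a URL; instead it scans web access log lines for the symptom described above: a query parameter whose (possibly double-encoded) value is an absolute path under a sensitive root, a Windows drive path, or a `..` traversal. The endpoint name `/some/endpoint` and the log lines are constructed for illustration; the sensitive-root list is an assumption to tune for your environment.

```python
"""Flag web requests whose query parameters carry file-system paths.

Added example for the vCenter arbitrary-file-read alert. Not vendor or
researcher code; the endpoint below is a placeholder and the log lines
are constructed in Apache combined-log style for illustration.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample log. Only 10.0.0.9 sends file paths as parameter values;
# the third of its requests is double-encoded (%252e -> %2e -> '.').
SAMPLE_LOG = """\
10.0.0.5 - - [13/Oct/2020:10:01:02 +0000] "GET /ui/login HTTP/1.1" 200 5120
10.0.0.9 - - [13/Oct/2020:10:01:07 +0000] "GET /some/endpoint?id=/etc/passwd HTTP/1.1" 200 1344
10.0.0.9 - - [13/Oct/2020:10:01:09 +0000] "GET /some/endpoint?id=..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 901
10.0.0.9 - - [13/Oct/2020:10:01:11 +0000] "GET /some/endpoint?id=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1344
10.0.0.7 - - [13/Oct/2020:10:02:00 +0000] "GET /ui/app?view=hosts&page=2 HTTP/1.1" 200 8800
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Assumed list of roots an attacker would read first; extend for your hosts.
SENSITIVE_ROOTS = ("/etc/", "/proc/", "/root/", "/home/", "/var/", "/usr/", "/opt/")
WINDOWS_DRIVE = re.compile(r"^[A-Za-z]:/")


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded traversal is not missed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def looks_like_file_path(value):
    """True if a parameter value is a traversal, a sensitive absolute path,
    or a Windows drive path, after full decoding and slash normalisation."""
    v = decode_fully(value).replace("\\", "/")
    if ".." in v.split("/"):
        return True
    if v.startswith(SENSITIVE_ROOTS):
        return True
    return WINDOWS_DRIVE.match(v) is not None


def find_file_read_attempts(log_text):
    """Return one record per suspicious (request, parameter) pair."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; skip rather than crash the scan
        parts = urlsplit(m["target"])
        # parse_qsl decodes one layer; decode_fully handles the rest.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if looks_like_file_path(value):
                hits.append({
                    "src": m["src"],
                    "time": m["ts"],
                    "path": parts.path,
                    "param": name,
                    "value": decode_fully(value),
                    "status": int(m["status"]),
                })
    return hits


def sources_by_hit_count(hits):
    """Aggregate flagged requests per client address, most active first."""
    counts = {}
    for h in hits:
        counts[h["src"]] = counts.get(h["src"], 0) + 1
    return sorted(counts.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    found = find_file_read_attempts(SAMPLE_LOG)
    for h in found:
        print(f'{h["time"]} {h["src"]} {h["path"]} {h["param"]}={h["value"]} -> {h["status"]}')
    print("per source:", sources_by_hit_count(found))
```

A 200 response on a flagged request is the line to escalate: the notice states that the vulnerable parameter returns the file contents, so a successful status on a traversal or absolute-path value is evidence of a read, not just a probe.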

Affected version

  • VMware vCenter Server: 6.5.0 and earlier (up to and including 6.5.0 without Update 1)

Unaffected version

  • VMware vCenter Server 6.5.0 U1
  • VMware vCenter Server 7.x

Note that 6.5.0 and 6.5.0 U1 both report the version string 6.5.0; identify the installed release by its build number (shown in the client's About dialog or the appliance management interface) rather than by the version string alone. Versions not listed here, such as 6.7.x, are not addressed by the notice; confirm them against VMware's own guidance before treating them as safe.

Solution

Upgrade vCenter Server to 6.5.0 U1 or later within the 6.5 line, or to a 7.x release. Until the upgrade is done, restrict network access to the vCenter web interface to administrative networks, since the read requires no authentication, and review web access logs for requests that pass file paths or traversal sequences in query parameters.