The Hacker News

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...
The Register on MSN

Patch or die: VMware vCenter Server bug fixed in 2024 under attack today

If you skipped it back then, now’s a very good time You've got to keep your software updated. Some unknown miscreants are exploiting a critical VMware vCenter Server bug more than a year after ...
Bleeping Computer

VMware fixes vCenter Server bugs allowing code execution, auth bypass

VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems. vCenter Server is the control ...
ZDNet

RCE is back: VMware details file upload vulnerability in vCenter Server

If you haven't patched vCenter in recent months, please do so at your earliest convenience. Following on from its remote code execution hole in vCentre in May, VMware has warned of a critical ...
Ars Technica

vCenter Server Appliance upgrade woes, deploy new and move nodes?

Last weekend we shutdown our 2 node VMWare ESXi cluster, managed by vCenter Server Appliance 5.0.0.3324 Build 472350 (which uses the embedded DB2 database). There was some building work going on and ...
Bleeping Computer

VMware warns of critical bug in default vCenter Server installs

VMware warns customers to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments.
Ars Technica

vCenter Server Failover

I work in a software development and test facility that supports some significant legacy applications and platforms. A lot of this code is critical to our end user, but we are finally modernizing the ...