VMware Cloud Foundation 3.0-4.0 and vCenter Server - Arbitrary File Upload via Analytics Service
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.