Unsafe Deserialization Vulnerability in vCenter Server's PSC Allows Arbitrary Code Execution
CVE-2022-31680 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.
Learn more about our Cis Benchmark Audit For Server Software.