VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
Severity: HIGH
Advisory Date: JUL 21, 2015
DESCRIPTION
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers to execute arbitrary code via unspecified vectors.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005647