VMware urged immediate patching of the max-severity, arbitrary file upload flaw in Analytics service, which affects all appliances running default 6.5, 6.7 and 7.0 installs.
https://threatpost.com/vmware-ransomware-bug-vcenter-server/174901/
Discussion related to Vulnerabilities