image
Patrick Domingues

VMware vCenter VMSA-2021-0010 Advisory

In this VMware vCenter VMSA-2021-0010 Advisory, VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986).

VMware Impacted Products?

  • VMware vCenter Server (vCenter Server)
  • VMware Cloud Foundation (Cloud Foundation)

Who is affected?

VMware Security Advisories always list the specific product versions that are affected. In this case it is vCenter Server 6.5, 6.7, and 7.0.

What’s Happening?

In this VMware Advisory they have discovered multiple vulnerabilities in the vSphere Client (HTML5). If the hacker has access to point 443 they could exploit a vulnerability that would allow commands to be executed with unrestricted privileges. VMware advised to update your servers right now!

How to protect your servers.

You can protect yourself by patching vCenter Server, this is the fastest way to resolve this problem and removes the vulnerability completely. From there you can update any plugins as vendors release new versions.

 

Discover more from Patrick Domingues

Subscribe to get the latest posts sent to your email.

author avatar
Patrick Domingues
See Full Bio
Vulnerabilities

Leave a Comment

Available On Amazon

Polls

What tutorials do you prefer?

View Results

Loading ... Loading ...

Categories

Archives

Subscribe Today

Want to know when new posts are published? Enter your email & click on that subscribe button.

Stay Informed

Receive instant notifications when new content is released.