Critical Security Advisory: VMware Releases Security Updates for Critical Vulnerabilities
Situation
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. VMware is urging vCenter users to update vCenter Server versions 6.5, 6.7, and 7.0 immediately.
Problem
The most severe of the patched vulnerabilities is a remote code execution vulnerability (CVE-2021-21985) in the vSphere Client (HTML5). The vulnerability is caused by a lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server.
Implication
An attacker with network access to port 443 may be able to exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
Need
VMware strongly recommends that customers update vCenter Server 6.5, 6.7, and 7.0 to the most recent version as soon as possible. Additional information can be found in the links below.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2021/06/04/unpatched-vmware-vcenter-software
For a more technical overview:
https://www.vmware.com/security/advisories/VMSA-2021-0010.html
VMware blog post:
https://blogs.vmware.com/vsphere/2021/05/vmsa-2021-0010.html