Critical VMware vCenter Server Vulnerability Requires Patching

Credit: VMware

VMware is telling partners and customers to patch a critical vCenter Server vulnerability that is present in all vCenter Server Deployments, according to a VMware security advisory.

The vulnerability, tracked as CVE-2021-21985, involves vCenter Server versions 6.5, 6.7 and 7.0. Given the severity of the vulnerability, VMware has strongly recommended that partners and customers mitigate the issue, according to Bob Plankers,

The fixes, VMware says, address the following two issues:

  • First, there is a remote code execution vulnerability in the vSAN plugin, which ships as part of vCenter Server. This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of whether you use vSAN or not.
  • Second, improvements were made to the vCenter Server plugin framework to better enforce plugin authentication.

VMware vCenter Server Vulnerability Represents Global Risk

The vulnerability represents a high-risk situation for cloud service providers (CSPs), managed IT service providers and IT professionals worldwide. The reason: VMware vCenter Server is widely deployed as hybrid cloud software architecture across on-premises, hosted and cloud data centers.

This security flaw was reported by Ricter Z of 360 Noah Lab, according to Bleeping Computer. Special thanks from MSSP Alert to Andrew Morgan of The Cyber Nation for additional info.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.