The vulnerability, tracked as CVE-2021-21985, involves vCenter Server versions 6.5, 6.7 and 7.0. Given the severity of the vulnerability, VMware has strongly recommended that partners and customers mitigate the issue, according to Bob Plankers,
The fixes, VMware says, address the following two issues:
- First, there is a remote code execution vulnerability in the vSAN plugin, which ships as part of vCenter Server. This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of whether you use vSAN or not.
- Second, improvements were made to the vCenter Server plugin framework to better enforce plugin authentication.
VMware vCenter Server Vulnerability Represents Global Risk
The vulnerability represents a high-risk situation for cloud service providers (CSPs), managed IT service providers and IT professionals worldwide. The reason: VMware vCenter Server is widely deployed as a hybrid cloud software architecture across on-premises, hosted and cloud data centers.