VMware urges customers to immediately patch a critical vulnerability in vCenter Server – the management interface for vSphere environments. Ricter Z of 360 Noah Lab reported the vulnerability – CVE-2021-21985 – to VMware, and it has since been patched in vCenter Server versions 6.5, 6.7, and 7.0.
The vulnerability, according to VMware, lies in the vSphere Client (HTML5), specifically in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server even when vSAN is not in use. VMware attributes the flaw to a lack of input validation in that plug-in. A threat actor with network access to port 443 on the vCenter Server can exploit it to execute commands with unrestricted privileges on the underlying operating system; no authentication is required, which is why VMware rates it critical and is asking customers to patch immediately.
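Because the exposure described above is "anything that can reach port 443", the first thing a defender wants is an inventory of which vCenter Servers on the network are still below the fixed build. The script below is an added example, not code from the article or from VMware: it sends the unauthenticated `RetrieveServiceContent` call that the vSphere SOAP API exposes on `/sdk` (the same call every vSphere client makes before logging in), reads the `version` and `build` from the reply, and compares the build against the minimum fixed builds per vCenter line. The build numbers in `FIXED_BUILDS` are my reading of VMSA-2021-0010 (7.0 U2b, 6.7 U3n, 6.5 U3p) and should be confirmed against the current advisory before the result is trusted; the `SAMPLE_REPLY` is constructed, not captured from a real server.

```python
"""
Offline-testable build check for CVE-2021-21985 (VMSA-2021-0010).
Added example; not part of the original article and not VMware's code.
"""
import ssl
import sys
import urllib.request
import xml.etree.ElementTree as ET

# Minimum fixed builds per vCenter line as read from VMSA-2021-0010
# (7.0 U2b, 6.7 U3n, 6.5 U3p). Assumption: confirm these against the
# advisory before relying on the verdict.
FIXED_BUILDS = {
    "7.0": 17958471,
    "6.7": 18010531,
    "6.5": 17994927,
}

# RetrieveServiceContent needs no session; the reply carries the
# server's version, build and apiType.
RETRIEVE_SERVICE_CONTENT = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" '
    'xmlns:urn="urn:vim25"><soapenv:Body><urn:RetrieveServiceContent>'
    '<urn:_this type="ServiceInstance">ServiceInstance</urn:_this>'
    '</urn:RetrieveServiceContent></soapenv:Body></soapenv:Envelope>'
)


def fetch_service_content(host, verify_tls=True, timeout=10):
    """POST RetrieveServiceContent to https://host/sdk and return the raw XML."""
    ctx = ssl.create_default_context()
    if not verify_tls:  # many vCenters still present self-signed certificates
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    req = urllib.request.Request(
        f"https://{host}/sdk",
        data=RETRIEVE_SERVICE_CONTENT.encode(),
        headers={"Content-Type": "text/xml; charset=utf-8",
                 "SOAPAction": "urn:vim25/7.0"},
        method="POST",
    )
    with urllib.request.urlopen(req, context=ctx, timeout=timeout) as resp:
        return resp.read()


def parse_about(xml_bytes):
    """Return (apiType, version, build) from a RetrieveServiceContent reply."""
    root = ET.fromstring(xml_bytes)
    # Elements are in the urn:vim25 namespace; match on the local name only.
    about = next((el for el in root.iter() if el.tag.endswith("about")), None)
    if about is None:
        raise ValueError("no <about> element in response")
    fields = {child.tag.split("}")[-1]: (child.text or "") for child in about}
    return fields.get("apiType", ""), fields.get("version", ""), int(fields["build"])


def assess(api_type, version, build):
    """Classify a server by build. ESXi hosts answer the same call
    (apiType HostAgent) and are out of scope for this CVE."""
    if api_type != "VirtualCenter":
        return "not-vcenter"
    line = ".".join(version.split(".")[:2])
    fixed = FIXED_BUILDS.get(line)
    if fixed is None:
        return "unknown-line"
    return "patched" if build >= fixed else "vulnerable"


# Constructed sample reply in the shape the vSphere API returns (not captured
# from a real server); only the fields the parser reads are included.
SAMPLE_REPLY = b"""<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns="urn:vim25">
 <soapenv:Body>
  <RetrieveServiceContentResponse>
   <returnval>
    <about>
     <name>VMware vCenter Server</name>
     <fullName>VMware vCenter Server 7.0.2 build-17920168</fullName>
     <version>7.0.2</version>
     <build>17920168</build>
     <apiType>VirtualCenter</apiType>
    </about>
   </returnval>
  </RetrieveServiceContentResponse>
 </soapenv:Body>
</soapenv:Envelope>"""


if __name__ == "__main__":
    # Usage: python check.py <vcenter-host>   (no argument: use the sample reply)
    raw = fetch_service_content(sys.argv[1], verify_tls=False) if len(sys.argv) > 1 else SAMPLE_REPLY
    api_type, version, build = parse_about(raw)
    print(f"{api_type} {version} build {build}: {assess(api_type, version, build)}")
```

A "vulnerable" verdict here means the build predates the fix; it does not tell you whether the Virtual SAN Health Check plug-in has been disabled on that server, so treat an unpatched build as exposed unless you have separately verified the plug-in state. Run the check from the same network positions an attacker would have, since reaching `/sdk` on 443 is exactly the access the advisory requires.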
To Read More: securityweek