VMware Alerts That Critical Vulnerability Has Been Found In vCenter Server

Written by Emma Davis

VMware developers rushed to alert their customers that a critical vulnerability had been discovered in vCenter Server.

They also urge vCenter users to update their software immediately to the latest versions, in which several dangerous vulnerabilities were recently fixed. One of the problems allows remote execution of arbitrary code and is rated 9.8 out of 10 on the CVSS v3 scale.

This is CVE-2021-21985, a vulnerability in the Virtual SAN Health Check plugin that ships by default with vCenter. An attacker who can reach port 443 on a vulnerable host can use this bug to execute arbitrary code on it.

The company was alerted to this vulnerability by specialists from 360 Noah Lab, who note that unauthenticated attackers can exploit the problem and that such attacks require no user interaction.

VMware reports that the vulnerable “Virtual SAN Health Check plug-in is included by default in all vCenter Server deployments, regardless of whether vSAN is in use.”

According to Shodan, over 5,600 vCenter machines are currently reachable from the Internet. Most of them are located in large data centres, where terabytes of confidential information may be stored.

“Where possible, we suggest organizations practice the concept of ‘loose coupling’ between systems and use the native management interfaces of each system. Loosely coupled systems are easier to patch & upgrade, have fewer negative side effects if one is down (for patching or otherwise), and are easier to secure because their access control, authentication, and authorization models can be separated,” VMware developers write.

Also this week, the company fixed another vulnerability in the authentication mechanism, which received the identifier CVE-2021-21986 and affects the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager and VMware Cloud Director Availability plugins. This bug is rated 6.5 on the CVSS v3 scale and allows an attacker to perform actions with plugins without authentication.

Let me also remind you that I previously wrote about VMware closing an RCE vulnerability in ESXi and Horizon.
