Service Notices
High-Risk Vulnerabilities in VMware
Feb 25, 2021 GMT+08:00
I. Overview
The VMware official website has recently released a security notice, disclosing multiple high-risk vulnerabilities in VMware vCenter and ESXi.
CVE-2021-21972: a remote code execution vulnerability in vSphere Client. Attackers with network access to port 443 may exploit this vulnerability to remotely execute code on the vCenter server.
CVE-2021-21973: an SSRF vulnerability in vSphere client. Incorrect validation of URLs in a vCenter Server plugin allows attackers to send specially crafted requests that cause SSRF.
CVE-2021-21974: ESXi OpenSLP heap-overflow vulnerability. A malicious attacker who resides within the same network segment as ESXi and has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service, resulting in remote code execution.
If you are a VMware user, check your system and implement timely security hardening.
For more information about these vulnerabilities, visit the VMware official website.
https://www.vmware.com/security/advisories/VMSA-2021-0002.html
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Affected versions:
VMware vCenter Server 7.0 series before 7.0.U1c
VMware vCenter Server 6.7 series before 6.7.U3l
VMware vCenter Server 6.5 series before 6.5 U3n
VMware ESXi 7.0 series before ESXi70U1c-17325551
VMware ESXi 6.7 series before ESXi670-202102401-SG
VMware ESXi 6.5 series before ESXi650-202102101-SG
Secure versions:
VMware vCenter Server 7.0.U1c for VMware vCenter Server 7.0 series
VMware vCenter Server 6.7.U3l for VMware vCenter Server 6.7 series
VMware vCenter Server 6.5 U3n for VMware vCenter Server 6.5 series
VMware ESXi70U1c-17325551 for VMware ESXi 7.0 series
VMware ESXi670-202102401-SG for VMware ESXi 6.7 series
VMware ESXi650-202102101-SG for VMware ESXi 6.5 series
IV. Vulnerability Handling
This vulnerability has been fixed in the latest official version. If your service version falls into the affected range, upgrade it to the secure version.
If you are unable to update, refer to the official workarounds to temporarily resolve the problem:
CVE-2021-21972, CVE-2021-21973: https://kb.vmware.com/s/article/82374
CVE-2021-21974: https://kb.vmware.com/s/article/76372
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.