Service Notices

All Notices > Security Notices > High-Risk Vulnerabilities in VMware

High-Risk Vulnerabilities in VMware

Feb 25, 2021 GMT+08:00

I. Overview

The VMware official website has recently released a security notice, disclosing multiple high-risk vulnerabilities in VMware vCenter and ESXi.

CVE-2021-21972: a remote code execution vulnerability in vSphere Client. Attackers with network access to port 443 may exploit this vulnerability to remotely execute code on the vCenter server.

CVE-2021-21973: an SSRF vulnerability in vSphere client. Incorrect validation of URLs in a vCenter Server plugin allows attackers to send specially crafted requests that cause SSRF.

CVE-2021-21974: ESXi OpenSLP heap-overflow vulnerability. A malicious attacker who resides within the same network segment as ESXi and has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service, resulting in remote code execution.

If you are a VMware user, check your system and implement timely security hardening.

For more information about these vulnerabilities, visit the VMware official website.

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Affected versions:

VMware vCenter Server 7.0 series before 7.0.U1c

VMware vCenter Server 6.7 series before 6.7.U3l

VMware vCenter Server 6.5 series before 6.5 U3n

VMware ESXi 7.0 series before ESXi70U1c-17325551

VMware ESXi 6.7 series before ESXi670-202102401-SG

VMware ESXi 6.5 series before ESXi650-202102101-SG

Secure versions:

VMware vCenter Server 7.0.U1c for VMware vCenter Server 7.0 series

VMware vCenter Server 6.7.U3l for VMware vCenter Server 6.7 series

VMware vCenter Server 6.5 U3n for VMware vCenter Server 6.5 series

VMware ESXi70U1c-17325551 for VMware ESXi 7.0 series

VMware ESXi670-202102401-SG for VMware ESXi 6.7 series

VMware ESXi650-202102101-SG for VMware ESXi 6.5 series

IV. Vulnerability Handling

This vulnerability has been fixed in the latest official version. If your service version falls into the affected range, upgrade it to the secure version.

If you are unable to update, refer to the official workarounds to temporarily resolve the problem:

CVE-2021-21972, CVE-2021-21973: https://kb.vmware.com/s/article/82374

CVE-2021-21974: https://kb.vmware.com/s/article/76372

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.