Service Notices


VMware vCenter Server File Upload Vulnerability (CVE-2021-22005)

Sep 23, 2021 GMT+08:00

I. Overview

VMware has disclosed an important arbitrary file upload vulnerability (CVE-2021-22005) affecting certain versions of VMware vCenter Server. An attacker with network access to port 443 on the vCenter Server can exploit this vulnerability to upload a crafted file and remotely execute code on the server.

VMware vCenter Server is advanced server management software that provides a centralized platform for controlling vSphere environments, with visibility across hybrid clouds. If you are a VMware vCenter Server user, check your service version and apply security hardening promptly.

Reference: VMSA-2021-0020

II. Severity

Severity: important

(Severity scale: low, moderate, important, critical)

III. Affected Products

Affected versions:

VMware vCenter Server 7.0 series < 7.0 U2c

VMware vCenter Server 6.7 series < 6.7 U3o

The VMware vCenter Server 6.5 series is not affected by this vulnerability.

Secure versions:

VMware vCenter Server 7.0 U2c

VMware vCenter Server 6.7 U3o

IV. Security Recommendations

This vulnerability has been fixed in the latest official versions. If your service version falls into the affected range, upgrade it to the corresponding secure version:

VMware vCenter Server 7.0 U2c

VMware vCenter Server 6.7 U3o

If the upgrade cannot be performed in a timely manner, refer to the suggestions provided by VMware at https://kb.vmware.com/s/article/85717.
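The check this notice asks for (compare the running vCenter Server version against the affected and secure ranges above) can be automated. The following script is an added example for this notice; it is not code from VMware or from the publisher of this notice. It assumes the version notation used in this notice ("7.0 U2c", "6.7 U3o", a bare "7.0" for the initial release of a series) and encodes only the ranges stated above; a series this notice does not mention is reported as unknown rather than guessed. In practice the version string would be read from the appliance's own version reporting, which is outside the scope of this example; the inventory at the bottom is constructed sample data.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed releases taken from this notice (VMSA-2021-0020 / CVE-2021-22005).
# A series maps to its first secure update release; a series the notice
# lists as unaffected maps to None.
FIXED_RELEASE: Dict[str, Optional[str]] = {
    "7.0": "7.0 U2c",
    "6.7": "6.7 U3o",
    "6.5": None,  # the 6.5 series is not affected
}

# Assumed notation: "<major>.<minor>" optionally followed by " U<n><letter>".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\s+U(\d+)([a-z]?))?$")


def parse_version(version: str) -> Tuple[str, Tuple[int, str]]:
    """Parse a vCenter version as written in this notice, e.g. '7.0 U2c'.

    Returns (series, (update_number, patch_letter)). A release without an
    update suffix is treated as update 0 with an empty patch letter, so
    '7.0' < '7.0 U1' < '7.0 U2' < '7.0 U2c' < '7.0 U3' under tuple ordering.
    """
    match = _VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, update, letter = match.groups()
    return f"{major}.{minor}", (int(update or 0), letter or "")


def assess(version: str) -> str:
    """Classify a version as 'affected', 'fixed', 'not affected' or 'unknown'."""
    series, release = parse_version(version)
    if series not in FIXED_RELEASE:
        return "unknown"  # series not covered by this notice
    fixed = FIXED_RELEASE[series]
    if fixed is None:
        return "not affected"
    _, fixed_release = parse_version(fixed)
    return "fixed" if release >= fixed_release else "affected"


def assess_inventory(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host name in a {host: version} inventory to its assessment."""
    return {host: assess(version) for host, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {
        "vcsa-prod-01": "7.0 U2b",
        "vcsa-prod-02": "7.0 U2c",
        "vcsa-lab-01": "6.7 U3n",
        "vcsa-legacy": "6.5 U3",
        "vcsa-new": "8.0",
    }
    for host, verdict in assess_inventory(sample).items():
        print(f"{host:14} {sample[host]:10} {verdict}")
```

Any host reported as "affected" should be scheduled for upgrade to the secure version of its series; "unknown" means the notice gives no verdict for that series and the VMware advisory (VMSA-2021-0020) should be consulted directly.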

Note: Before applying the fix, back up your environment and test the upgrade thoroughly.