Service Notices
VMware vCenter Server File Upload Vulnerability (CVE-2021-22005)
Sep 23, 2021 GMT+08:00
I. Overview
VMware has disclosed an important-severity arbitrary file upload vulnerability (CVE-2021-22005) in certain versions of VMware vCenter Server. An attacker with network access to port 443 on the vCenter Server can exploit this vulnerability to upload a specially crafted file and execute code remotely on the server.
VMware vCenter Server is advanced server management software that provides a centralized platform for controlling vSphere environments, with visibility across hybrid clouds. If you are a VMware vCenter Server user, check your service version and apply security hardening promptly.
Reference: VMSA-2021-0020
II. Severity
Severity: important
(Severity scale: low, moderate, important, critical)
III. Affected Products
Affected versions:
VMware vCenter Server 7.0 series < 7.0 U2c
VMware vCenter Server 6.7 series < 6.7 U3o
The VMware vCenter Server 6.5 series is not affected by this vulnerability.
Secure versions:
VMware vCenter Server 7.0 U2c
VMware vCenter Server 6.7 U3o
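The following triage helper is an added example and is not part of this notice or of VMware's tooling. It encodes the affected and secure versions listed above (and repeated in the recommendations below) and classifies each vCenter instance in an inventory as affected, fixed, not affected, or not covered by this notice. The version-string grammar it parses ("<major>.<minor> U<n><letter>", e.g. "7.0 U2c") and the inventory entries are assumptions constructed for illustration; map real deployments to these strings from your own vCenter version data.

```python
"""Triage helper for CVE-2021-22005 (VMware vCenter Server file upload).

Added example, not part of the original notice. It parses vCenter version
strings in the "<major>.<minor> U<n><letter>" form used in the notice
(e.g. "7.0 U2c", "6.7 U3o") and reports which entries of an inventory fall
into the affected ranges the notice lists. The inventory is constructed
sample data; the version-string grammar is an assumption for illustration.
"""
import re
from typing import Tuple

# First fixed version per series, as stated in the notice (VMSA-2021-0020).
FIXED_VERSIONS = {
    (7, 0): "7.0 U2c",
    (6, 7): "6.7 U3o",
}
# Series the notice states are not affected.
UNAFFECTED_SERIES = {(6, 5)}

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*U(\d+)([a-z])?)?\s*$", re.IGNORECASE)


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Return a comparable tuple (major, minor, update, letter_rank).

    "7.0"      -> (7, 0, 0, 0)   GA release, no update
    "7.0 U2"   -> (7, 0, 2, 0)   update 2, no letter patch
    "7.0 U2c"  -> (7, 0, 2, 3)   letter patches order a < b < c ...
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised vCenter version string: {text!r}")
    major, minor, update, letter = m.groups()
    letter_rank = ord(letter.lower()) - ord("a") + 1 if letter else 0
    return (int(major), int(minor), int(update or 0), letter_rank)


def assess(version_text: str) -> str:
    """Classify one vCenter version against the ranges in the notice.

    Returns one of: "affected", "fixed", "not affected", "not covered".
    """
    v = parse_version(version_text)
    series = (v[0], v[1])
    if series in UNAFFECTED_SERIES:
        return "not affected"
    fixed = FIXED_VERSIONS.get(series)
    if fixed is None:
        # Series not mentioned by the notice: do not guess, flag for manual review.
        return "not covered"
    return "affected" if v < parse_version(fixed) else "fixed"


def triage(inventory):
    """Map each (host, version) pair in an inventory to its assessment."""
    return {host: assess(ver) for host, ver in inventory}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("vcsa-prod-01.example.internal", "7.0 U2b"),
    ("vcsa-prod-02.example.internal", "7.0 U2c"),
    ("vcsa-lab-01.example.internal", "6.7 U3n"),
    ("vcsa-lab-02.example.internal", "6.7 U3o"),
    ("vcsa-legacy.example.internal", "6.5 U3"),
    ("vcsa-new.example.internal", "7.0"),
]

if __name__ == "__main__":
    for host, result in triage(SAMPLE_INVENTORY).items():
        print(f"{host:35} {result}")
```

Anything reported as "affected" needs the upgrade in section IV (or the interim mitigation from the VMware KB article) and, until then, is where access to port 443 should be restricted to trusted management networks; "not covered" entries belong to a series the notice does not mention and should be checked against the VMware advisory directly rather than assumed safe.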
IV. Security Recommendations
This vulnerability has been fixed in the latest official version. If your service version falls into the affected range, upgrade it to the secure version.
VMware vCenter Server 7.0 U2c
VMware vCenter Server 6.7 U3o
If the upgrade cannot be performed in a timely manner, apply the interim workaround provided by VMware at https://kb.vmware.com/s/article/85717.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.