09.21.2021

VMware vCenter Vulnerability

MCNC Admin Avatar
By MCNC Admin
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 9/21/2021

Action Level - Critical

Description: VMware vCenter Vulnerability (VMSA-2021-0020)

MCNC would like to make you aware of various VMware vulnerabilities. There are multiple CVEs that VMware is addressing under the ID VMSA-2021-0020. Of these 19 CVEs RCE and privilege escalation vulnerabilities exist.

The VMware Blog covers more information here. The full list of vulnerabilities and specific details are here.

Affected Devices

  • VMware vCenter Server versions
    • 6.5
    • 6.7
    • 7.0

Attack Vector

There are multiple vulnerabilities with multiple attack vectors. The most important is network based via port 443. Non-admin users with access to vCenter Server can also exploit the privilege escalation vulnerability.

Attack Feasibility

No information has been released regarding feasibility.

Mitigations

There are mitigations beyond applying patches as specified by VMware. However, ensuring general security best practices such as proper network segmentation, only exposing needed devices to the internet, and ensuring least privilege rules are in place will help prevent these vulnerabilities from being exploited.

Remediation

Patch according to VMware.

<-- Return to Cybersecurity Alerts...

MCNC Admin
MCNC Admin
MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Uslinkedintwitterfacebookyoutube
© 2021 MCNC