Last updated on February 25, 2021
VMware has recently patched a remote code execution (RCE) vulnerability that resided in the vCenter Server virtual infrastructure platform. This would allow attackers to take control of the affected systems through RCE.
vCenter Server is an essential part of managing virtualized hosts and virtual machines (VMs) within environments. This server management software provides a simplified and efficient method for that allows for scalability and automation when managing in the VMWare vSphere environments.
This vulnerability is reported at Common Vulnerabilities and Exposures (CVE) with an ID of CVE-2021-21972, and is reported as a critical vulnerability according to VMware’s security advisory. For more details on on the VMware’s posting, the Advisory ID is VMSA-2021-0002.
With this vulnerability, “the vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin,” of which can happen when “a malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.” – VMware Security Advisory
For more information on the vulnerability and viewing the recommended resolution, visit the VMware Advisory page located here.