vCenter Server Archives - Cyber Security Minute

VMware Urges Customers to Immediately Patch Critical vSphere Vulnerability

Issued by: Security Week

The vulnerability, tracked as CVE-2021-21985, was reported to VMware by Ricter Z of 360 Noah Lab and it has been patched in versions 6.5, 6.7 and 7.0 of vCenter Server. According to VMware, the vulnerability impacts the vSphere Client, specifically the Virtual SAN Health Check plugin, which is enabled by default in vCenter Server even…

Vulnerabilities

Hackers Scanning for VMware vCenter Servers Affected by Critical Vulnerability

Issued by: Security Week

The flaw, tracked as CVE-2021-21972, affects the vSphere Client component of vCenter Server and it can be exploited by a remote, unauthenticated attacker to execute arbitrary commands with elevated privileges on the operating system that hosts vCenter Server. While in most cases an attacker would need to have access to the targeted organization’s network in…