CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability
First published: Wed Feb 24 2021(Updated: )
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
Credit: security@vmware.com security@vmware.com security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Cloud Foundation | >=3.0<3.10.1.2 | |
| VMware Cloud Foundation | >=4.0<4.2 | |
| VMware vCenter Server | =6.5 | |
| VMware vCenter Server | =6.5-a | |
| VMware vCenter Server | =6.5-b | |
| VMware vCenter Server | =6.5-c | |
| VMware vCenter Server | =6.5-d | |
| VMware vCenter Server | =6.5-e | |
| VMware vCenter Server | =6.5-f | |
| VMware vCenter Server | =6.5-update1d | |
| VMware vCenter Server | =6.5-update1e | |
| VMware vCenter Server | =6.5-update1g | |
| VMware vCenter Server | =6.5-update2 | |
| VMware vCenter Server | =6.5-update2b | |
| VMware vCenter Server | =6.5-update2c | |
| VMware vCenter Server | =6.5-update2d | |
| VMware vCenter Server | =6.5-update2g | |
| VMware vCenter Server | =6.5-update3 | |
| VMware vCenter Server | =6.5-update3d | |
| VMware vCenter Server | =6.5-update3f | |
| VMware vCenter Server | =6.5-update3k | |
| VMware vCenter Server | =6.7 | |
| VMware vCenter Server | =6.7-a | |
| VMware vCenter Server | =6.7-b | |
| VMware vCenter Server | =6.7-d | |
| VMware vCenter Server | =6.7-update1 | |
| VMware vCenter Server | =6.7-update1b | |
| VMware vCenter Server | =6.7-update2 | |
| VMware vCenter Server | =6.7-update2a | |
| VMware vCenter Server | =6.7-update2c | |
| VMware vCenter Server | =6.7-update3 | |
| VMware vCenter Server | =6.7-update3a | |
| VMware vCenter Server | =6.7-update3b | |
| VMware vCenter Server | =6.7-update3f | |
| VMware vCenter Server | =6.7-update3g | |
| VMware vCenter Server | =6.7-update3j | |
| VMware vCenter Server | =7.0 | |
| VMware vCenter Server | =7.0-a | |
| VMware vCenter Server | =7.0-b | |
| VMware vCenter Server | =7.0-c | |
| VMware vCenter Server | =7.0-d | |
| VMware vCenter Server | =7.0-update1 | |
| VMware vCenter Server | =7.0-update1a | |
| >=3.0<3.10.1.2 | ||
| >=4.0<4.2 | ||
| =6.5 | ||
| =6.5-a | ||
| =6.5-b | ||
| =6.5-c | ||
| =6.5-d | ||
| =6.5-e | ||
| =6.5-f | ||
| =6.5-update1d | ||
| =6.5-update1e | ||
| =6.5-update1g | ||
| =6.5-update2 | ||
| =6.5-update2b | ||
| =6.5-update2c | ||
| =6.5-update2d | ||
| =6.5-update2g | ||
| =6.5-update3 | ||
| =6.5-update3d | ||
| =6.5-update3f | ||
| =6.5-update3k | ||
| =6.7 | ||
| =6.7-a | ||
| =6.7-b | ||
| =6.7-d | ||
| =6.7-update1 | ||
| =6.7-update1b | ||
| =6.7-update2 | ||
| =6.7-update2a | ||
| =6.7-update2c | ||
| =6.7-update3 | ||
| =6.7-update3a | ||
| =6.7-update3b | ||
| =6.7-update3f | ||
| =6.7-update3g | ||
| =6.7-update3j | ||
| =7.0 | ||
| =7.0-a | ||
| =7.0-b | ||
| =7.0-c | ||
| =7.0-d | ||
| =7.0-update1 | ||
| =7.0-update1a | ||
| VMware vCenter Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html
- http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html
- https://www.vmware.com/security/advisories/VMSA-2021-0002.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-21972
Frequently Asked Questions
What is CVE-2021-21972?
CVE-2021-21972 is a remote code execution vulnerability in VMware vCenter Server, which allows a malicious actor to execute commands with unrestricted privileges on the underlying operating system.
How severe is CVE-2021-21972?
CVE-2021-21972 has a severity rating of 9.8, which is considered critical.
Which software is affected by CVE-2021-21972?
VMware vCenter Server versions 6.5, 6.7, and 7.0, as well as VMware Cloud Foundation versions 3.0 to 3.10.1.2 and 4.0 to 4.2, are affected by CVE-2021-21972.
How can CVE-2021-21972 be exploited?
An attacker with network access to port 443 can exploit CVE-2021-21972 to execute commands with unrestricted privileges on the hosting operating system.
Are there any references for CVE-2021-21972?
Yes, you can find more information about CVE-2021-21972 at the following URLs: [http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html](http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html), [http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html](http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html), [http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html](http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html).
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/softwarecombine
- agent/severity
- agent/title
- agent/weakness
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- collector/nvd-cve
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- vendor/vmware
- canonical/vmware cloud foundation
- version/vmware cloud foundation/3.0
- version/vmware cloud foundation/4.0
- canonical/vmware vcenter server
- version/vmware vcenter server/6.5
- version/vmware vcenter server/6.5-a
- version/vmware vcenter server/6.5-b
- version/vmware vcenter server/6.5-c
- version/vmware vcenter server/6.5-d
- version/vmware vcenter server/6.5-e
- version/vmware vcenter server/6.5-f
- version/vmware vcenter server/6.5-update1d
- version/vmware vcenter server/6.5-update1e
- version/vmware vcenter server/6.5-update1g
- version/vmware vcenter server/6.5-update2
- version/vmware vcenter server/6.5-update2b
- version/vmware vcenter server/6.5-update2c
- version/vmware vcenter server/6.5-update2d
- version/vmware vcenter server/6.5-update2g
- version/vmware vcenter server/6.5-update3
- version/vmware vcenter server/6.5-update3d
- version/vmware vcenter server/6.5-update3f
- version/vmware vcenter server/6.5-update3k
- version/vmware vcenter server/6.7
- version/vmware vcenter server/6.7-a
- version/vmware vcenter server/6.7-b
- version/vmware vcenter server/6.7-d
- version/vmware vcenter server/6.7-update1
- version/vmware vcenter server/6.7-update1b
- version/vmware vcenter server/6.7-update2
- version/vmware vcenter server/6.7-update2a
- version/vmware vcenter server/6.7-update2c
- version/vmware vcenter server/6.7-update3
- version/vmware vcenter server/6.7-update3a
- version/vmware vcenter server/6.7-update3b
- version/vmware vcenter server/6.7-update3f
- version/vmware vcenter server/6.7-update3g
- version/vmware vcenter server/6.7-update3j
- version/vmware vcenter server/7.0
- version/vmware vcenter server/7.0-a
- version/vmware vcenter server/7.0-b
- version/vmware vcenter server/7.0-c
- version/vmware vcenter server/7.0-d
- version/vmware vcenter server/7.0-update1
- version/vmware vcenter server/7.0-update1a