CVE-2021-21985: VMware vCenter Server Improper Input Validation Vulnerability
First published: Wed May 26 2021(Updated: )
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
Credit: security@vmware.com security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware vCenter Server | =6.5 | |
| VMware vCenter Server | =6.5-a | |
| VMware vCenter Server | =6.5-b | |
| VMware vCenter Server | =6.5-c | |
| VMware vCenter Server | =6.5-d | |
| VMware vCenter Server | =6.5-e | |
| VMware vCenter Server | =6.5-f | |
| VMware vCenter Server | =6.5-update1 | |
| VMware vCenter Server | =6.5-update1b | |
| VMware vCenter Server | =6.5-update1c | |
| VMware vCenter Server | =6.5-update1d | |
| VMware vCenter Server | =6.5-update1e | |
| VMware vCenter Server | =6.5-update1g | |
| VMware vCenter Server | =6.5-update2 | |
| VMware vCenter Server | =6.5-update2b | |
| VMware vCenter Server | =6.5-update2c | |
| VMware vCenter Server | =6.5-update2d | |
| VMware vCenter Server | =6.5-update2g | |
| VMware vCenter Server | =6.5-update3 | |
| VMware vCenter Server | =6.5-update3d | |
| VMware vCenter Server | =6.5-update3f | |
| VMware vCenter Server | =6.5-update3k | |
| VMware vCenter Server | =6.5-update3n | |
| VMware vCenter Server | =6.7 | |
| VMware vCenter Server | =6.7-a | |
| VMware vCenter Server | =6.7-b | |
| VMware vCenter Server | =6.7-d | |
| VMware vCenter Server | =6.7-update1 | |
| VMware vCenter Server | =6.7-update1b | |
| VMware vCenter Server | =6.7-update2 | |
| VMware vCenter Server | =6.7-update2a | |
| VMware vCenter Server | =6.7-update2c | |
| VMware vCenter Server | =6.7-update3 | |
| VMware vCenter Server | =6.7-update3a | |
| VMware vCenter Server | =6.7-update3b | |
| VMware vCenter Server | =6.7-update3f | |
| VMware vCenter Server | =6.7-update3g | |
| VMware vCenter Server | =6.7-update3j | |
| VMware vCenter Server | =6.7-update3l | |
| VMware vCenter Server | =6.7-update3m | |
| VMware vCenter Server | =7.0 | |
| VMware vCenter Server | =7.0-a | |
| VMware vCenter Server | =7.0-b | |
| VMware vCenter Server | =7.0-c | |
| VMware vCenter Server | =7.0-d | |
| VMware vCenter Server | =7.0-update1 | |
| VMware vCenter Server | =7.0-update1a | |
| VMware vCenter Server | =7.0-update1c | |
| VMware vCenter Server | =7.0-update1d | |
| VMware vCenter Server | =7.0-update2 | |
| VMware vCenter Server | =7.0-update2a | |
| VMware Cloud Foundation | >=3.0<3.10.2.1 | |
| VMware Cloud Foundation | >=4.0<4.2.1 | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html
- http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html
- https://www.vmware.com/security/advisories/VMSA-2021-0010.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-21985
Frequently Asked Questions
What is CVE-2021-21985?
CVE-2021-21985 is a vulnerability in VMware vCenter Server that allows remote code execution.
How severe is CVE-2021-21985?
CVE-2021-21985 has a severity rating of 9.8, which is considered critical.
What is the affected software?
The affected software is VMware vCenter Server versions 6.5, 6.7, and 7.0, as well as VMware Cloud Foundation versions 3.0 to 4.2.1.
Is the Virtual SAN Health Check plug-in enabled by default?
Yes, the Virtual SAN Health Check plug-in is enabled by default in vCenter Server.
How can I fix CVE-2021-21985?
To fix CVE-2021-21985, apply the necessary patches provided by VMware and follow their recommended mitigation steps.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/description
- agent/title
- agent/references
- agent/author
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- collector/nvd-cve
- source/NVD
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- vendor/vmware
- canonical/vmware vcenter server
- version/vmware vcenter server/6.5
- version/vmware vcenter server/6.5-a
- version/vmware vcenter server/6.5-b
- version/vmware vcenter server/6.5-c
- version/vmware vcenter server/6.5-d
- version/vmware vcenter server/6.5-e
- version/vmware vcenter server/6.5-f
- version/vmware vcenter server/6.5-update1
- version/vmware vcenter server/6.5-update1b
- version/vmware vcenter server/6.5-update1c
- version/vmware vcenter server/6.5-update1d
- version/vmware vcenter server/6.5-update1e
- version/vmware vcenter server/6.5-update1g
- version/vmware vcenter server/6.5-update2
- version/vmware vcenter server/6.5-update2b
- version/vmware vcenter server/6.5-update2c
- version/vmware vcenter server/6.5-update2d
- version/vmware vcenter server/6.5-update2g
- version/vmware vcenter server/6.5-update3
- version/vmware vcenter server/6.5-update3d
- version/vmware vcenter server/6.5-update3f
- version/vmware vcenter server/6.5-update3k
- version/vmware vcenter server/6.5-update3n
- version/vmware vcenter server/6.7
- version/vmware vcenter server/6.7-a
- version/vmware vcenter server/6.7-b
- version/vmware vcenter server/6.7-d
- version/vmware vcenter server/6.7-update1
- version/vmware vcenter server/6.7-update1b
- version/vmware vcenter server/6.7-update2
- version/vmware vcenter server/6.7-update2a
- version/vmware vcenter server/6.7-update2c
- version/vmware vcenter server/6.7-update3
- version/vmware vcenter server/6.7-update3a
- version/vmware vcenter server/6.7-update3b
- version/vmware vcenter server/6.7-update3f
- version/vmware vcenter server/6.7-update3g
- version/vmware vcenter server/6.7-update3j
- version/vmware vcenter server/6.7-update3l
- version/vmware vcenter server/6.7-update3m
- version/vmware vcenter server/7.0
- version/vmware vcenter server/7.0-a
- version/vmware vcenter server/7.0-b
- version/vmware vcenter server/7.0-c
- version/vmware vcenter server/7.0-d
- version/vmware vcenter server/7.0-update1
- version/vmware vcenter server/7.0-update1a
- version/vmware vcenter server/7.0-update1c
- version/vmware vcenter server/7.0-update1d
- version/vmware vcenter server/7.0-update2
- version/vmware vcenter server/7.0-update2a
- canonical/vmware cloud foundation
- version/vmware cloud foundation/3.0
- version/vmware cloud foundation/4.0