|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-05-31 | |
| Rule Name: | VMware vCenter Client Remote Code Execution Vulnerability (CVE-2021-21985) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This rule detects the public vulnerable url. Turn off this rule if the patch is already installed. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html https://www.vmware.com/security/advisories/VMSA-2021-0010.html |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.vmware.com/security/advisories/VMSA-2021-0010.html |