CVE-2021-21985

critical

Description

The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

From the Tenable Blog

CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution
CVE-2021-21985: Critical VMware vCenter Server Remote Code Execution

Published: 2021-05-25

VMware has issued patches for a critical remote code execution vulnerability in vCenter Server. Organizations are strongly encouraged to apply patches as soon as possible. Update June 2: The Identifying Affected Systems section has been updated to include audit checks for the workaround. Update June 4: The Proof of Concept section has been updated to reflect the publication of exploit code and active scanning for vulnerable servers.

References

https://www.tenable.com/blog/aa22-257a-cybersecurity-joint-advisory-on-iranian-islamic-revolutionary-guard-ransomware

https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-117a

https://www.tenable.com/blog/cve-2022-22948-vmware-vcenter-server-sensitive-information-disclosure-vulnerability

https://www.tenable.com/blog/contileaks-chats-reveal-over-30-vulnerabilities-used-by-conti-ransomware-affiliates

https://www.tenable.com/blog/behind-the-scenes-how-we-picked-2021s-top-vulnerabilities-and-what-we-left-out

https://web.archive.org/web/20211025233339/https://twitter.com/pancak3lullz/status/1452679527197560837

https://www.tenable.com/blog/cve-2021-22005-critical-file-upload-vulnerability-in-vmware-vcenter-server

https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a

https://www.tenable.com/blog/cve-2021-21985-critical-vmware-vcenter-server-remote-code-execution

https://www.vmware.com/security/advisories/VMSA-2021-0010.html

http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html

http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html

Details

Source: Mitre, NVD

Published: 2021-05-26

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical