CVE-2021-21972 - VMware vCenter Server Remote Code Execution Vulnerability
Project:VMware
Product:vCenter Server
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
VMware vCenter Server Remote Code Execution Vulnerability
Description
VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-21972
Related News Articles
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber AttacksSeptember 21, 2024