CVE-2021-21985 - VMware vCenter Server Improper Input Validation Vulnerability
Project:VMware
Product:vCenter Server
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
VMware vCenter Server Improper Input Validation Vulnerability
Description
VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-21985