VMware released a new security advisory on 21 September 2021. The advisory provides a resolution for CVE-2021-22005, a critical vulnerability in vCenter Server 7.0, vCenter Server 6.7 and VMware Cloud Foundation 4.x. The vulnerability allows a remote attacker to upload a specially crafted file to the vCenter Server and use it to execute code remotely, which makes it a remote code execution vulnerability on the vCenter Server. The vulnerability is rated critical with a CVSS score of 9.8 and therefore requires immediate patching.
CVE-2021-22005 resolution on VMware vCenter Server version 7
VMware has released a security document that details the process to follow for remediation of CVE-2021-22005. For vCenter Server 7.0, the fix is delivered in vCenter Server 7.0 Update 2c, which must be applied to patch the appliance against the vulnerability. Release notes for the update can be found at this link. The update is applied by installing a patch ISO file on the vCenter Server appliance. The file details are listed below for ready reference:
- Download Filename: VMware-vCenter-Server-Appliance-7.0.2.00400-18356314-patch-FP.iso
- Download Size: 5550.2 MB
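Before downloading the ISO it helps to confirm whether a given appliance is actually below the fixed level. The following is an added example, not code from VMware or from this article: it parses the patch ISO filename quoted above into its version, update and build fields and compares a (constructed) installed build against it. It assumes that build numbers increase within one release train and that builds from different trains (for example 6.7 and 7.0) are not directly comparable, so a mismatched train is reported as "unknown" rather than as patched.

```python
import re
from typing import NamedTuple, Optional

# Patch ISO filename quoted in the advisory (vCenter Server 7.0 Update 2c).
VCSA_70_U2C_ISO = "VMware-vCenter-Server-Appliance-7.0.2.00400-18356314-patch-FP.iso"

# Filename layout: product-<major.minor.patch>.<update>-<build>-patch-FP.iso
_ISO_RE = re.compile(
    r"^VMware-vCenter-Server-Appliance-"
    r"(?P<version>\d+\.\d+\.\d+)\.(?P<update>\d+)-(?P<build>\d+)-patch-FP\.iso$"
)


class PatchLevel(NamedTuple):
    version: str  # e.g. "7.0.2"
    update: int   # e.g. 400 (the 00400 field of the filename)
    build: int    # e.g. 18356314


def parse_patch_iso(filename: str) -> PatchLevel:
    """Extract version, update and build number from a VCSA patch ISO filename."""
    m = _ISO_RE.match(filename)
    if not m:
        raise ValueError(f"unrecognised patch ISO filename: {filename}")
    return PatchLevel(m["version"], int(m["update"]), int(m["build"]))


def train(version: str) -> tuple:
    """Release train of a version string: "7.0.2" -> (7, 0)."""
    return tuple(int(part) for part in version.split(".")[:2])


def needs_patch(installed: PatchLevel, fixed: PatchLevel) -> Optional[bool]:
    """True if the appliance build is below the fixed build on the same train.

    Builds from a different train (6.7 vs 7.0) are not comparable; return None so
    the caller looks up that train's own fix (Update 3o for 6.7, 4.3.1 for VCF).
    """
    if train(installed.version) != train(fixed.version):
        return None
    return installed.build < fixed.build


if __name__ == "__main__":
    fixed = parse_patch_iso(VCSA_70_U2C_ISO)
    # Constructed sample appliance levels; the build numbers are illustrative only.
    for appliance in (PatchLevel("7.0.2", 300, 18000000),
                      PatchLevel("7.0.2", 400, 18356314),
                      PatchLevel("6.7.0", 0, 18000000)):
        print(appliance, "needs patch:", needs_patch(appliance, fixed))
```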
CVE-2021-22005 resolution on VMware vCenter Server version 6.5
vCenter Server version 6.5 is not affected by this vulnerability. vCenter Server 6.7, however, does need to be patched to cover CVE-2021-22005. The fix for vCenter Server 6.7 is contained in Update 3o released by VMware. The update's release notes can be found here.
CVE-2021-22005 resolution on VMware Cloud Foundation Server
VMware Cloud Foundation 4.1.x, 4.2.x and 4.3 are affected by CVE-2021-22005, a critical vulnerability involving file upload to the vCenter Server component of Cloud Foundation on port 443. The fix has been published in VMware Cloud Foundation version 4.3.1, so Cloud Foundation must be updated to version 4.3.1. The security release for the vCenter Server appliance within Cloud Foundation can be seen here.
As a bare minimum, CVE-2021-22005 needs to be patched immediately on vCenter Server 7.0, vCenter Server 6.7 and VMware Cloud Foundation versions 4.1.x, 4.2.x and 4.3. VMware has already released security patches for each affected vCenter Server appliance.
Helen is a geeky nerd who seeks to find and fix tech gaps in the latest gadgets. She is always on the lookout for resolving technical queries of users, and is an avid writer on technical subjects.