Rewterz Threat Advisory – Multiple VMware vCenter Server Vulnerabilities

November 24, 2021

Severity

High

Analysis Summary

CVE-2021-22049

VMware vCenter Server is vulnerable to server-side request forgery. By accessing a URL request outside of vCenter Server or accessing an internal service, a remote attacker could exploit this vulnerability to conduct an SSRF attack.

CVE-2021-21980

VMware vCenter Server could allow a remote attacker to obtain sensitive information. A remote attacker could exploit this vulnerability to read arbitrary files on the system.

Impact

Unauthorized Access
Information Disclosure

Affected Vendors

VMware

Affected Products

VMware vCenter Server 6.5
VMware vCenter Server 6.7
VMware Cloud Foundation (vCenter) 3.0

Remediation

Refer to VMware Security Advisory for patch, upgrade, or suggested workaround information.

https://www.vmware.com/security/advisories/VMSA-2021-0027.html

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Remcos RAT – Active IOCs

DanaBot Trojan – Active IOCs

Critical Chrome Vulnerability Allows Attackers to Execute Arbitrary Code

Threat Insights

About Us

Our Leadership

CSR

Connect with Us