CVE-2021-21985 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in VMware vCenter Server and VMware Cloud Foundation affects v. VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1).
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
30 days
Scan only one
Domain, IPv4, Subdomain
Toolbox
-
VMware vCenter Server is a powerful tool used for managing virtualization infrastructure. It allows administrators to manage virtual machines, storage, and networking across multiple hosts and data centers. VMware Cloud Foundation, on the other hand, is a comprehensive software-defined data center platform that bundles vSphere, vSAN, and NSX into a single solution. It simplifies the deployment and management of the entire stack by providing a unified user interface and automated lifecycle management.
A critical vulnerability has been discovered in VMware vCenter Server, identified as CVE-2021-21985, which puts organizations at risk of remote code execution attacks. The vulnerability exists due to the lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server. Attackers with network access to port 443 can exploit this vulnerability to execute arbitrary commands with elevated privileges on the underlying operating system that hosts vCenter Server.
This vulnerability can lead to complete compromise of vCenter Server and the virtualization infrastructure it manages. Attackers can execute malicious code, steal sensitive data, or disrupt business operations by causing system outages. The consequences can be severe, ranging from reputational damage to financial losses and regulatory fines.
Thanks to the pro features of the s4e.io platform, organizations can easily and quickly learn about vulnerabilities in their digital assets. The platform provides comprehensive vulnerability scanning and management capabilities, including automated discovery, assessment, and remediation of vulnerabilities. It also offers real-time alerts, reports, and dashboards to help organizations stay on top of their security posture and compliance requirements. With s4e.io, organizations can proactively identify and mitigate vulnerabilities before they are exploited by attackers.
REFERENCES
