May 25, 2021 - VMware vCenter Server Updates

Author:
May 27, 2021

Apply VMware vCenter server updates from May 25, 2021 to mitigate remote code execution and authentication vulnerabilities.

Recently, patches were released for the VMware vCenter Server, versions 6.5, 6.7 and 7.0, as well as Cloud Foundation products to address vulnerabilities.  The vSphere client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in, which is enabled by default.  A malicious actor with network access to port 443 may exploit this issue.

EDCi strongly recommends applying the patch to your vCenter servers as soon as possible to eliminate the risk of this vulnerability. More information can be found at the following links:

Advisory ID:  VMSA-2021-0010

Patch Release notes: 7.0    6.7    6.5

VMware Patch Downloads (login required)

If you have questions or need assistance deploying the updates, please contact the EDCi Technical Support Services Center at (800) 332-3553 or Support@edci.com. We are here to help!

Meet the Author
Connect on LinkedIn

Hope you found our EDCi insights interesting and informative.

If you did, why not subscribe for more related content? Don't miss out on the latest updates and exclusive insights!
Thanks for joining EDCi's insights.
Oops! Something went wrong while submitting the form.