
VMware seals vulnerabilities in the vSphere Web Client – in part

There are security holes in VMware’s vSphere Web Client through which attackers could gain access to sensitive information, among other things. The manufacturer seals the vulnerabilities with updated vSphere server versions. The software Cloud Foundation (vCenter Server) 3.x is also affected. According to the manufacturer, however, an update is still pending.

The most serious vulnerability arose from the fact that the vSphere Web Client could read any files without authorization (CVE-2021-21980). As a result, attackers with access to port 443 of the vCenter Server could gain access to sensitive information, VMware explains in its security advisory. The company rates the risk as high and gives it a CVSS score of 7.5.

Another medium-risk gap was in the vSAN Web Client Plug-in of the vSphere Web Client (CVSS 6.5). It enabled malicious users to trigger what is known as Server Side Request Forgery (SSRF). This could allow an attacker to cause the server to send requests to other systems (CVE-2021-22049). For those interested, point 10 of the background article on the greatest risks according to the OWASP Top Ten 2021 provides more details on SSRF.

The vulnerabilities affect vCenter Server 6.5 and 6.7, for which the corrected versions 6.5 U3r and 6.7 U3p are available. VMware has linked them as downloads in the security advisory mentioned above. A patch is, however, still pending for the Cloud Foundation (vCenter Server), which is also affected.

Administrators should install the updates offered as soon as possible. As soon as the Cloud Foundation updates become available, we recommend that you apply them quickly. It may be worthwhile to upgrade to Cloud Foundation 4.x, as this version, like vCenter Server 7.0, is not affected by the gaps, according to the manufacturer.

