VMware Blocked Three Hacker Entry Routes

VMware bug: hackers' entry route


Identification of bugs in VMware and hackers' entry routes

These included bugs in ESXi and vSphere Client that allowed skilled hackers to break in remotely, and VMware advised users to update their versions in order to close these entry routes.

These vulnerabilities have been registered under the following identifiers:

  • CVE-2021-21972 for the vCenter Server plugin in vSphere Client, with the entry route via port 443
  • CVE-2021-21974 for ESXi, with the entry route via port 427
  • CVE-2021-21973 for the vCenter Server plugin, with the entry route via port 443

Sources and further details on the identified bugs and hackers' entry routes:

1. Impacted Products

  • VMware ESXi
  • VMware vCenter Server (vCenter Server)
  • VMware Cloud Foundation (Cloud Foundation)

2. Introduction

Multiple vulnerabilities in VMware ESXi and vSphere Client (HTML5) were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

3a. VMware vCenter Server updates address remote code execution vulnerability in the vSphere Client (CVE-2021-21972)

Description

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Known Attack Vectors

A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

Resolution

To remediate CVE-2021-21972 apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.

Workarounds

Workarounds for CVE-2021-21972 have been listed in the ‘Workarounds’ column of the ‘Response Matrix’ below.

Additional Documentation

None.

Notes

The affected vCenter Server plugin for vROPs is available in all default installations. vROPs does not need be present to have this endpoint available. Follow the workarounds KB to disable it.


These include a 9.8-rated bug that hackers can exploit to execute remote commands with unrestricted privileges

VMware has fixed three critically-rated flaws across its virtualisation products that could be exploited by hackers to conduct remote code execution attacks against enterprise systems.

The firm has issued updates for three flaws present across its VMware ESXi bare-metal hypervisor and vSphere Client virtual infrastructure management platform, including a severe bug rated 9.8 out of ten on the CVSS scale.

This vulnerability, tracked as CVE-2021-21972, is embedded in a vCenter Server plugin in the vSphere Client. Attackers with network access to port 443 may exploit this to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

Also patched is CVE-2021-21974, which is a heap buffer overflow vulnerability in the OpenSLP component of ESXi and is also rated a severe 8.8. Cyber criminals lying dormant within the same network segment as ESXi, also with access to port 427, may trigger the issue in OpenSLP which could also result in remote code execution.

Finally, CVE-2021-21973 is a server-side request forgery (SSRF) flaw in vSphere Client which has arisen due to improper validation of URLs in a vCenter Server plugin. This is not as severe as the other two bugs, having only been rated 5.3, but can also be exploited by those with access to port 443 to leak information.

There are workarounds that users can deploy for both CVE-2021-21972 and CVE-2021-21973 that are detailed here until a fix is deployed by the system administrator.

Users can patch these flaws, however, by updating the products to the most recent versions. These include 7.0 U1c, 6.7U3I and 6.5 U3n of vCenter Server, 4.2 and 3.10.1.2 of Cloud Foundation, as well as ESXi70U1c-17325551, ESXi670-202102401-SG and ESXi650-202102101-SG of ESXi.

These vulnerabilities were privately brought to the attention of VMware and customers are urged to patch their systems immediately.
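
An added example, not part of the original article or VMware's advisory: a defender-side check that ties each CVE's stated attack vector (TCP 443 on vCenter Server, TCP 427 on ESXi) to a reachability test run from a chosen network segment. The inventory, host addresses and function names are assumptions made for illustration.

```python
import socket

# Attack vectors as listed in the advisory above: CVE -> (affected product, TCP port).
VECTORS = {
    "CVE-2021-21972": ("vCenter Server", 443),
    "CVE-2021-21973": ("vCenter Server", 443),
    "CVE-2021-21974": ("ESXi", 427),
}

def port_reachable(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds from this machine."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout), unroutable, DNS failure
        return False

def exposure_report(inventory, probe=port_reachable):
    """inventory: iterable of (host, product). Returns sorted (host, port, cve) tuples
    for every advisory vector reachable from the vantage point running the check."""
    cache, findings = {}, []
    for host, product in inventory:
        for cve, (affected, port) in VECTORS.items():
            if product != affected:
                continue
            if (host, port) not in cache:      # probe each host:port only once
                cache[(host, port)] = probe(host, port)
            if cache[(host, port)]:
                findings.append((host, port, cve))
    return sorted(findings)

if __name__ == "__main__":
    # Constructed inventory (RFC 5737 documentation addresses) and constructed
    # probe results, so the demo runs offline; drop `probe=` to test real hosts.
    inventory = [("192.0.2.10", "vCenter Server"), ("192.0.2.21", "ESXi"),
                 ("192.0.2.22", "ESXi")]
    open_ports = {("192.0.2.10", 443), ("192.0.2.22", 427)}
    fake_probe = lambda h, p: (h, p) in open_ports
    for host, port, cve in exposure_report(inventory, fake_probe):
        print(f"{host}:{port} reachable from this segment -> "
              f"{cve} vector exposed until patched")
```

Run it from each segment that should not be able to reach the management interfaces; any finding there means the port named in the advisory is open to that segment, so patching or the documented workaround is the only remaining barrier.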