VMware Discloses Severe Vulnerabilities That Need ‘Immediate Attention’

VMware has disclosed a pair of vulnerabilities impacting vCenter Server, a centralized management software for VMware vSphere systems. The most severe flaw, CVE-2021-21985, is a remote code execution vulnerability in vSphere Client, assigned a CVSSv3 score of 9.8


To exploit this vulnerability, an attacker would need to be able to access vCenter Server over port 443 in the firewall. Even if an organization has not exposed vCenter Server externally, attackers can still exploit this flaw once

…..Read More