Well, like the post title states, this is a critical security advisor and it needs immediate attention for anyone using vCenter Server. This means stop whatever else you’re doing and get this done. But you can keep reading to get more details then go apply the fix immediately.
The products impacted by this vulnerability include;
- VMware vCenter Server (vCenter Server)
- VMware Cloud Foundation (Cloud Foundation
This advisory ID contains two vulnerabilities, CVE-2021-21985 & CVE-2021-21986. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8 and in the Moderate severity range with a maximum CVSSv3 base score of 6.5 respectively.
You can check out the original advisory located here and also sign up for Security Advisories by entering your email address on this page – https://www.vmware.com/security/advisories.html. (see screenshot below)
Without wasting much time here, Bob Plankers has detailed everything you need to know about this vulnerability. His post talks about who is affected, when you need to do something about the vulnerability, why you are affected, what you should do to protect your self and tips for patching.
Just My Musings 