{"id":21481,"date":"2021-09-25T14:59:18","date_gmt":"2021-09-25T12:59:18","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=21481"},"modified":"2024-10-05T21:46:35","modified_gmt":"2024-10-05T19:46:35","slug":"kritische-schwachstelle-cve-2021-22005-in-vmware-vcenter","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/09\/25\/kritische-schwachstelle-cve-2021-22005-in-vmware-vcenter\/","title":{"rendered":"Critical Vulnerability CVE-2021-22005 in VMware vCenter"},"content":{"rendered":"<p><img decoding=\"async\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" width=\"200\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2021\/09\/25\/kritische-schwachstelle-cve-2021-22005-in-vmware-vcenter\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]VMware has published information on a total of 19 vulnerabilities in the products VMware vCenter Server (vCenter Server) and VMware Cloud Foundation (Cloud Foundation) [VMW2021a] as of September 21, 2021. Some of these are critical vulnerabilities &#8211; specifically, the CVE-2021-22005 vulnerability was rated \"critical\" with a score of 9.8. VMware has released corresponding security updates.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg08.met.vgwort.de\/na\/4f491ca36f5a457da20ee462e500f5f6\" width=\"1\" height=\"1\">On 21. September 2021, VMware released <a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2021-0020.html\" target=\"_blank\" rel=\"noopener\">this security advisory<\/a> on vulnerabilities CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22005, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22011, CVE-2021-22012, CVE-2021-22013, CVE-2021-22014, CVE-2021-22015, CVE-2021-22016, CVE-2021-22017, CVE-2021-22018, CVE-2021-22019, CVE-2021-22020. The security advisory in question provides details as well as links to the updated products. <\/p>\n<h2>US-CERT warns<\/h2>\n<p>US-CERT has <a href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/09\/24\/vmware-vcenter-server-vulnerability-cve-2021-22005-under-active\" target=\"_blank\" rel=\"noopener\">warned here<\/a> on September 21, 2021 about vulnerability CVE-2021-22005 in vCenter Server. The vulnerability can be exploited when uploading arbitrary files, affecting the in Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. <\/p>\n<h2>Mass scans and exploitation<\/h2>\n<p>On September 24, 2021, VMware confirmed reports that CVE-2021-22005 is being exploited in the wild. In the following <a href=\"https:\/\/twitter.com\/testanull\/status\/1441345969451245574\" target=\"_blank\" rel=\"noopener\">tweet<\/a>, someone draws attention to a PoC for CVE-2021-22005. <\/p>\n<p><a href=\"https:\/\/twitter.com\/testanull\/status\/1441345969451245574\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"PoC for  CVE-2021-22005 \" alt=\"PoC for  CVE-2021-22005 \" src=\"https:\/\/i.imgur.com\/JMb2vcf.png\"><\/a><\/p>\n<p>Security researchers also report mass scans for vulnerable vCenter servers and publicly available exploit code. Due to the availability of exploit code, CISA expects widespread exploitation of this vulnerability. So administrators should patch as well as look into the workaround presented by VMware in this article to close the CVE-2021-22005 vulnerability.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]VMware has published information on a total of 19 vulnerabilities in the products VMware vCenter Server (vCenter Server) and VMware Cloud Foundation (Cloud Foundation) [VMW2021a] as of September 21, 2021. Some of these are critical vulnerabilities &#8211; specifically, the CVE-2021-22005 &hellip; <a href=\"https:\/\/borncity.com\/win\/2021\/09\/25\/kritische-schwachstelle-cve-2021-22005-in-vmware-vcenter\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1218],"tags":[69],"class_list":["post-21481","post","type-post","status-publish","format-standard","hentry","category-security","category-virtualization","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/21481","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=21481"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/21481\/revisions"}],"predecessor-version":[{"id":35882,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/21481\/revisions\/35882"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=21481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=21481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=21481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}