Vulnerabilities and Exposures for VMware vCenter Server (CVE-2021-21985, CVE-2021-21986)
Thank you for using Enterprise Cloud (ECL) service.
In the Hypervisor menu for SDPF/ECL, vulnerabilities (CVE-2021-21985, CVE-2021-21986) were found in VMware vCenter Server provided by VMware. We will inform you of the response method and workaround.
Dedicated Hypervisor Guest Image
Please upgrade to the modified version or perform a workaround.
How to deal with CVE-2021-21985 and CVE-2021-21986
- Affected plugins need to be changed to incompatible. For more information, please refer to How to Disable VMware Plugins in vCenter Server (83829).
- Please apply the patch to vCenter Server. The patch for each version is following site.
* VMware account is required. If you cannot download it, please contact us with tickets.
|Minor Version||Fixed Version||URL|
|vCenter Server 6.7||6.7 U3n||https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-67u3n-release-notes.html|
|vCenter Server 6.5||6.5 U3p||https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u3p-release-notes.html|