Vulnerabilities and Exposures for VMware vCenter Server (CVE-2021-21985, CVE-2021-21986)

Thank you for using Enterprise Cloud (ECL) service.

In the Hypervisor menu for SDPF/ECL, vulnerabilities (CVE-2021-21985, CVE-2021-21986) were found in VMware vCenter Server provided by VMware. We will inform you of the response method and workaround.

Vulnerability information

Affected Menu

CVEAffected Menu
CVE-2021-21985, CVE-2021-21986

Dedicated Hypervisor Guest Image

  • vCenter-Server_6.5_u1e_Standard_not-include-lisence_vSphere-ESXi_001
  • vCenter-Server-Appliance_6.7_u3b_Standard_not-include-license_vSphere-ESXi_001


Please upgrade to the modified version or perform a workaround.

How to deal with CVE-2021-21985 and CVE-2021-21986



  • Please apply the patch to vCenter Server. The patch for each version is following site.
    * VMware account is required. If you cannot download it, please contact us with tickets.
Minor VersionFixed VersionURL
vCenter Server 6.76.7 U3n
vCenter Server 6.56.5 U3p


Thank you.