News

Vulnerabilities and Exposures for VMware vCenter Server (CVE-2021-44228)


Thank you for using Enterprise Cloud service.

The vulnerability (CVE-2021-44228) was found in VMware vCenter Server provided by VMware in the guest image of the SDPF Hypervisor Menu. Therefore, we will inform you of the response method and workaround. We recommend that you check the target menu and target version before taking action.

Vulnerability information

https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Affected Menu

CVEAffected Menu
CVE-2021-44228Dedicated Hypervisor Guest Image

  • vCenter-Server_6.5_u1e_Standard_not-include-lisence_vSphere-ESXi_001
  • vCenter-Server-Appliance_6.7_u3b_Standard_not-include-license_vSphere-ESXi_001

Countermeasure

Please upgrade to the modified version* or perform a workaround.

Workaround

Official Image TemplateWorkaround
vCenter-Server_6.5_u1e_Standard_not-include-lisence_vSphere-ESXi_001https://kb.vmware.com/s/article/87096
vCenter-Server-Appliance_6.7_u3b_Standard_not-include-license_vSphere-ESXi_001https://kb.vmware.com/s/article/87081

*For the latest information on the release of the fixed version, refer to Vulnerability Information. Please contact us with a ticket if you need a fixed patch when a fixed version is released.

 

Thank you.