News

Vulnerabilities and Exposures for VMware vCenter Server (CVE-2021-44228)


Thank you for using Enterprise Cloud service.

The vulnerability (CVE-2021-44228) was found in VMware vCenter Server provided by VMware in the guest image of the SDPF Hypervisor Menu. Therefore, we will inform you of the response method and workaround. We recommend that you check the target menu and target version before taking action.

Vulnerability information

https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Affected Menu

CVE Affected Menu
CVE-2021-44228 Dedicated Hypervisor Guest Image
  • vCenter-Server_6.5_u1e_Standard_not-include-lisence_vSphere-ESXi_001
  • vCenter-Server-Appliance_6.7_u3b_Standard_not-include-license_vSphere-ESXi_001

Countermeasure

Please upgrade to the modified version* or perform a workaround.

Workaround

Official Image Template Workaround
vCenter-Server_6.5_u1e_Standard_not-include-lisence_vSphere-ESXi_001 https://kb.vmware.com/s/article/87096
vCenter-Server-Appliance_6.7_u3b_Standard_not-include-license_vSphere-ESXi_001 https://kb.vmware.com/s/article/87081

*For the latest information on the release of the fixed version, refer to Vulnerability Information. Please contact us with a ticket if you need a fixed patch when a fixed version is released.

 

Thank you.