VMware Releases Security Advisory for vCenter Server and Cloud Foundation

VMware vCenter Server advisory offers a workaround to address a privilege escalation vulnerability

Threat ID:: CC-3976
Threat Severity:: Information only
Published:: 11 November 2021 3:08 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

VMware vCenter Server advisory offers a workaround to address a privilege escalation vulnerability

Affected platforms

The following platforms are known to be affected:

Versions: 6.7, 7.0

VMware vCenter Server

Versions: 3.x, 4.x

VMware Cloud Foundation

Threat details

Introduction

VMware has released an important advisory that includes a workaround to remediate against a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. An attacker with non-administrative privileges may exploit this vulnerability to elevate privileges and take control of an affected system.

Threat updates

Date	Update
13 Jul 2022	Patch Releases VMware have added a fixed version of vCenter Server 7.0 in the Response Matrix.

Remediation advice

Affected organisations are encouraged to review VMware Security Advisory VMSA-2021-0025 and apply any relevant workarounds.

Remediation steps

Type	Step
Guidance	Workaround Instructions for CVE-2021-22048 (86292) https://kb.vmware.com/s/article/86292

Definitive source of threat updates

https://www.vmware.com/security/advisories/VMSA-2021-0025.html

CVE Vulnerabilities

Status Published

CVE-2021-22048

The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.

Last edited: 13 July 2022 11:42 am