← voltar
CVE-2021-21985

CVE-2021-21985

CVSS 9.8 CRITICALEPSS 100.0%● KEVCWE-20CWE-470CWE-918
Em resumo

O vSphere Client possui uma falha que permite a executores remotos na rede executarem comandos com privilégios totais no vCenter Server sem necessidade de autenticação.

Detalhe técnico

Vulnerabilidade de execução remota de código não autenticada no plugin Virtual SAN Health Check do vSphere Client (CWE-20, CWE-470, CWE-918) acessível via porta 443 por falta de validação de entrada. Um atacante com acesso à rede consegue injetar payloads maliciosos para executar comandos arbitrários do sistema operacional com privilégios irrestritos no host vCenter Server.

Resumo gerado e traduzido por IA a partir da descrição oficial.
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · VMware vCenter Server and VMware Cloud Foundation
PoCs públicas encontradas12
githubgithub.com/alt3kx/CVE-2021-21985_PoC213githubgithub.com/xnianq/cve-2021-21985_exp115githubgithub.com/testanull/Project_CVE-2021-21985_PoC29githubgithub.com/sknux/CVE-2021-21985_PoC3githubgithub.com/onSec-fr/CVE-2021-21985-Checker2githubgithub.com/daedalus/CVE-2021-219852githubgithub.com/bigbroke/CVE-2021-219851githubgithub.com/haidv35/CVE-2021-219851githubgithub.com/aristosMiliaressis/CVE-2021-219850githubgithub.com/mauricelambert/CVE-2021-219850cve_referencepacketstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.htmlnão verificadocve_referencepacketstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.htmlnão verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.htmlhttp://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985https://www.vmware.com/security/advisories/VMSA-2021-0010.html