VMware vCenter Server is the centralized management utility for VMware and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. VMware vMotion and svMotion require the use of vCenter and ESXi hosts.
On November 23, 2021, VMware released
a security update for the vCenter Server, the vulnerability number is CVE-2021-21980 with the CVSSv3 of 7.5, the vulnerability
level is high risk. vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file reading vulnerability. Hackers with network access to port 443 on the vCenter Server can use the CVE-2021-21980 to obtain sensitive information.
- vCenter Server 6.7
- vCenter Server 6.5
- Cloud Foundation (vCenter Server) 3.x
In this regard, we recommend that users upgrade
VMware vCenter Server to the latest version in time.