vCenter Server 7.0 U2b/6.7 U3n/6.5 U3p,修复 vSphere Client 高危安全漏洞

Posted by sysin on 2021-05-28
Estimated Reading Time 3 Minutes
Words 745 In Total
Viewed Times

点击访问腾讯云官方网站


请访问原文链接:vCenter Server 7.0 U2b/6.7 U3n/6.5 U3p,修复 vSphere Client 高危安全漏洞,查看最新版。原创作品,转载请保留出处。

作者主页:www.sysin.org

抄袭者 maczqq_23930765hanzheng260561728 请远离本站!!!


vSphere Client(HTML5)中的多个漏洞已秘密报告给 VMware。这里提供了更新和解决方法来解决受影响的 VMware 产品中的这些漏洞。详见:VMSA-2021-0010

威胁描述

Issue Date: 2021-05-25
Updated On: 2021-05-25 (Initial Advisory)
CVE(s): CVE-2021-21985, CVE-2021-21986
Synopsis: VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986)

vSphere Client 中的 VMware vCenter Server 更新地址远程执行代码漏洞(CVE-2021-21985)

已知攻击向量:

具有网络访问端口 443 的恶意行为者可能会利用此问题在托管 vCenter Server 的基础操作系统上以不受限制的特权执行命令。

响应矩阵:

Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation
vCenter Server 7.0 Any CVE-2021-21985 9.8 critical 7.0 U2b KB83829 FAQ
vCenter Server 6.7 Any CVE-2021-21985 9.8 critical 6.7 U3n KB83829 FAQ
vCenter Server 6.5 Any CVE-2021-21985 9.8 critical 6.5 U3p KB83829 FAQ

vCenter Server 插件中的身份验证机制问题(CVE-2021-21986)

已知攻击向量:

可以通过网络访问 vCenter Server 上端口 443 的恶意角色可能会执行受影响的插件所允许的操作,而无需进行身份验证。

响应矩阵:

Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation
vCenter Server 7.0 Any CVE-2021-21986 6.5 moderate 7.0 U2b KB83829 FAQ
vCenter Server 6.7 Any CVE-2021-21986 6.5 moderate 6.7 U3n KB83829 FAQ
vCenter Server 6.5 Any CVE-2021-21986 6.5 moderate 6.5 U3p KB83829 FAQ

下载地址

VMware vCenter Server 7.0U2b:
百度网盘链接:https://pan.baidu.com/s/1RMYJCaKmeE_1aeRdbrwyiA 提取码:vdh8

  • VMware vCenter Server Appliance
    Filename: VMware-VCSA-all-7.0.2-17958471.iso
    Build: 17958471
    Size: 7.45 GB
    MD5: b9338221abfdd7de04d6843a6b38b9ce
    SHA1: f699a05b482d959bca8404f39ab0ee9ff2dd2c26
    SHA256: 04cae95f2d3814b4f3691a3c417aeb5a8878669fbb57037d903bb45582642d87

  • VMware vCenter Server Appliance Update Bundle
    Filename: VMware-vCenter-Server-Appliance-7.0.2.00200-17958471-updaterepo.zip
    Build: 17958471
    Size: 5.11 GB
    MD5: 435e4141d7e0fed8982b552230ebf06a
    SHA1: ab0f724160cdb547828c6c2a322fb377091f092d
    SHA256: b7b86fc5678bf3002d517840d47c71f04ae50dca7e1ef33437864da5f47a9d83

  • Patch for VMware vCenter Server Appliance
    Filename: VMware-vCenter-Server-Appliance-7.0.2.00200-17958471-patch-FP.iso
    Build: 17958471
    Size: 5.02 GB
    MD5: 5808bb983c3ed013e25c3d897f224002
    SHA1: 1004942abfcac5ff12d9a1d50685ac857535f1dd
    SHA255: a34d7e6e13d8ab08fda53568f19b29f5703bb380ec79256e127e9c25dcb89e5b

VMware vCenter Server 6.7U3n:
百度网盘链接:https://pan.baidu.com/s/1rK8j-LCf_MzKGGctfWkQXA 提取码:g106

  • VMware vCenter Server Appliance
    Filename: VMware-VCSA-all-6.7.0-18010531.iso
    Build: 18010531
    Size: 4.29 GB
    MD5: a29cdbaf571e5a95385fbed189acb941
    SHA1: 8ccb42da816649cdfdc73b80e70b55d5598e91f3
    SHA25: bf058cdfd26bf79b4a97327a5a39ab9c76de3065a35dd5f85c3b0cd52211fe92

  • VMware vCenter Server Appliance Update Bundle
    Filename: VMware-vCenter-Server-Appliance-6.7.0.48000-18010531-updaterepo.zip
    Build: 18010531
    Size: 2.03 GB
    MD5: 2a98c311cd0ef70e62ae296e22fbc304
    SHA1SUM: a248c480228aa7b8418afbdc27ee9ed368532292
    SHA256SUM: 58eb96ece39129489b31e426480365dd85cc3399c58934f03cc5f5e6d9bea791

  • Patch for VMware vCenter Server Appliance
    Filename: VMware-vCenter-Server-Appliance-6.7.0.48000-18010531-patch-FP.iso
    Build: 18010531
    Size: 1.90 GB
    MD5: 796b72376e7358d9cd68ac43a255a91f
    SHA1: f8a72d8815a17c87cdea5e4d3e9cae8dff543ac1
    SHA256: 1152c4bd7d260af358610568264f7818e0041f7589d30bd9f3aad895d5f53dfd

  • VMware vCenter Server and modules for Windows
    Filename: VMware-VIM-all-6.7.0-18010531.iso
    Build: 18010531
    Size: 2.13 GB
    MD5: 2620e60180d1a01d081248d538180ad5
    SHA1: e6e8886f9906bbb99bb5b78ae0d873af07c8bfdc
    SHA256: 65071c3c716b5cd3ad87fe1fb0029f71ef7e7b73f383340c0bbefb4c05dfe9db

VMware vCenter Server 6.5U3p:
百度网盘链接:https://pan.baidu.com/s/1H-aPbAB--VQG36b6Q7bXKA 提取码:b8ol

  • VMware vCenter Server Appliance
    Filename: VMware-VCSA-all-6.5.0-17994927.iso
    Build: 17994927
    Size: 3.85 GB
    MD5: f87e533165082faefa2fc59e8d809726
    SHA1: b8e3864990888fd29ccaabbf9cd6aadb72291156
    SHA256: c35a8494ecd1860e23e2d115ed7be9b25606ba3d3b2d2164882141165f727a09

  • VMware vCenter Server Appliance Update Bundle
    Filename: VMware-vCenter-Server-Appliance-6.5.0.35000-17994927-updaterepo.zip
    Build: 17994927
    Size: 1.73 GB
    MD5: 60682f44c3442290671f5d6ae4859fd6
    SHA1: b4f540c037d43cf434379d15cde35396596cb7b9
    SHA256: a1dc67aba3532735360d94daf1bd2b11f57b6a2607f9d413d626cec1f27d7df9

  • Patch for VMware vCenter Server Appliance
    Filename: VMware-vCenter-Server-Appliance-6.5.0.35000-17994927-patch-FP.iso
    Build: 17994927
    Size: 1.59 GB
    MD5: 6aba95342399ac396c1e793370924620
    SHA1: c9778304ec0dd4f02574aaf3295346a4369dbd76
    SHA256: d89bb95bd47a6456388992a78a8a3baf41d06dd352045c4a31b415b9900f1e0e

  • VMware vCenter Server and modules for Windows
    Filename: VMware-VIM-all-6.5.0-17994927.iso
    Build: 17994927
    Size: 2.34 GB
    MD5: ee54993af477bcf11bf7bb03c1c46bd7
    SHA1: a25ec149e398a4252adf0d4ec5b71b1c771a97b3
    SHA256: 0f6b14a27be8e45b5c336907f5f84ea44ab7ba9b06ff8dd56984f7c5ff2967eb


捐助本站 ❤️ Donate

点击访问阿里云官方网站



如果文章中使用的内容或图片侵犯了您的版权,请联系作者删除。如果您喜欢这篇文章或者觉得它对您有所帮助,欢迎您发表评论,也欢迎您分享这个网站,或者赞赏一下作者,谢谢!


支付宝赞赏 微信赞赏

赞赏一下



1000000