VMware patches 2 vSphere Web Client vulnerabilities (CVE-2021-21980, CVE-2021-22049)
VMware has patched arbitrary file read and SSRF vCenter Server vulnerabilities (CVE-2021-21980, CVE-2021-22049) that affect VMware vSphere Web Client.
vcenter
VMware patches vCenter Server IWA privilege escalation vulnerability (CVE-2021-22048)
VMware has issued a security fix for a VMware vCenter Server IWA privilege escalation vulnerability (CVE-2021-22048).
VMware patches Critical vCenter Server vulnerability (CVE-2021-22005) exploited in the wild
VMware issued a security advisory for multiple vulnerabilities that impact VMware vCenter Server. One of those fixed issues is a Critical vulnerability (CVE-2021-22005) exploited in the wild.
Thousands of unpatched VMware vCenter servers exposed on the internet
Security researchers have spotted thousands of vulnerable unpatched VMware vCenter servers exposed on the internet. Multiple proof-of-concepts (PoCs) have also been posted online for exploits against a remote code execution (RCE) vulnerability CVE-2021-21985.
VMware patches Critical vulnerability that exposed thousands of servers online
VMware has patched multiple vulnerabilities, to include one Critical vulnerability (CVE-2021-21972) that has exposed thousands of servers online.
VMware patches multiple ESXi and vCenter Server vulnerabilities
VMware issued a security advisory for multiple vulnerabilities that impact VMware ESXi and vCenter Server products. The vulnerability severity ranges from a CVSS base score of 4.2 to 7.7.