QID 216274

Date Published: 2021-12-10

QID 216274: VMware vCenter Server 6.5 Privilege Escalation Vulnerability (VMSA-2021-0025)

VMware vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1.

Affected Versions:
VMware vCenter Server 6.5

QID Detection Logic (Unauthenticated):
This QID checks for vulnerable versions of VMware vCenter Server with build version using web service present on the target.

Note: Patch for this vulnerability is not available yet. We are unable to check the workaround through detection, hence this QID is a Potential Vulnerability.

A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as High - 6.5 severity.
  • Solution
    Currently, there is no resolution. Please check VMSA-2021-0025 for updates. Workaround:

    Refer to KB86292 for more information.

    CVEs related to QID 216274

    Software Advisories
    Advisory ID Software Component Link