QID 216276

Date Published: 2021-12-16

QID 216276: VMware vCenter Server 6.7 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)

VMware vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

Affected Versions:
VMware vCenter Server 6.7

QID Detection Logic (Unauthenticated):
This QID checks for vulnerable versions of VMware vCenter Server with build version using web service present on the target.

Note: Patch for this vulnerability is not available yet. We are unable to check the workaround through detection, hence this QID is a Potential Vulnerability.

A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Currently, there is no resolution. Please check VMSA-2021-0028 for updates. Workaround:

    Refer to KB87081 for more information.

    CVEs related to QID 216276

    Software Advisories
    Advisory ID Software Component Link