Thursday 15 July 2021
The impact of this issue announcement is high. Please act accordingly to rectify the issue, as stated below.
What you need to know:
VMware has announced the availability of security patches for vulnerabilities affecting its ESXi hypervisor, Cloud Foundation hybrid cloud platform, and ThinApp application virtualisation tool, including high severity improper authentication flaw in the ESXi’s small footprint CIM broker (CVE-2021-21994).
- VMware ESXi
- VMware Cloud Foundation (Cloud Foundation)
- ThinApp application virtualisation tool
Actions to be taken:
To remediate CVE-2021-21994, administrators are advised to apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ in VMware’s advisory VMSA-2021-0014.