VMware Fixes Authenticated Command Injection Vulnerability in vSphere Replication

Monday 15 February 2021

The impact of this issue announcement is high. Please act accordingly to rectify the issue, as stated below.

What's affected:

vSphere Replication

What you need to know:

Virtualisation leader VMware announced via VMSA-2021-0001 that vSphere Replication contains a post-authentication command injection vulnerability in its “Startup Configuration” page (CVE-2021-21976) and that a patch has been released.

Actions to be taken:

To remediate CVE-2021-21976, apply the patches listed in the Fixed Version column of the Resolution Matrix found in VMSA-2021-0001.

Sources:

https://us-cert.cisa.gov/ncas/current-activity/2021/02/12/vmware-releases-security-update

VMware Fixes Authenticated Command Injection Vulnerability in vSphere Replication

What's affected:

What you need to know:

Actions to be taken:

Sources:

Further reading:

We protect. You Achieve.

Get in Touch

Subscribe for our updates

VMware Fixes Authenticated Command Injection Vulnerability in vSphere Replication

What's affected:

What you need to know:

Actions to be taken:

Sources:

Further reading:

VMware vCenter Server Updates Address Remote Code Execution in vSphere Client

SHAREit Patches Security Vulnerabilities

SonicWall Announces Additional SMA100 Vulnerability Update

Secon Cyber extends server patching support to private and public organisations

We protect. You Achieve.

Get in Touch

Subscribe for our updates