VMware Fixes Authenticated Command Injection Vulnerability in vSphere Replication

Monday 15 February 2021

The impact of this issue announcement is high. Please act accordingly to rectify the issue, as stated below.

What's affected:

vSphere Replication

What you need to know:

Virtualisation leader VMware announced via VMSA-2021-0001 that vSphere Replication contains a post-authentication command injection vulnerability in its “Startup Configuration” page (CVE-2021-21976) and that a patch has been released.

Actions to be taken:

To remediate CVE-2021-21976, apply the patches listed in the Fixed Version column of the Resolution Matrix found in VMSA-2021-0001.

Sources:

https://us-cert.cisa.gov/ncas/current-activity/2021/02/12/vmware-releases-security-update

VMware Fixes Authenticated Command Injection Vulnerability in vSphere Replication

What's affected:

What you need to know:

Actions to be taken:

Sources:

Further reading:

We protect. You Achieve.

Get in Touch

Subscribe for our updates

VMware Fixes Authenticated Command Injection Vulnerability in vSphere Replication

What's affected:

What you need to know:

Actions to be taken:

Sources:

Further reading:

FatPipe Releases Bulletin for its Actively Exploited VPN Zero Day

Google Ships Chrome Update to Address Multiple Security Bugs

Zoom Fixes High Risk Vulnerabilities in Meeting Connector

AMD Announces Security Fixes for 50 EPYC Flaws

We protect. You Achieve.

Get in Touch

Subscribe for our updates