vCenter 7.0 

Affected by critical vulnerability - CVE-2021-22005

This critical issue was fixed in 7.0U2c Build 18356314 (Released August 24th)

If you are running 7.0U2c Build 18356314, then

• Plan to upgrade to 7.0U2d (Build 18455184) as soon as possible to protect against the vulnerabilities resolved in this release

If you are running any version of 7.0 lower then or prior to 7.0U2c Build 18356314

• Plan to upgrade to 7.0U2d (Build 18455184) as quickly as possible
• If this is not possible, then the documented workaround should be implemented as per KB 85717 
• Post implementing the workaround, plan to upgrade to 7.0U2d as soon as possible to protect against the remaining vulnerabilities

vCenter 6.7 VCSA

Affected by critical vulnerability - CVE-2021-22005

All current versions affected

6.7U3o (Build 18485166) released at the same time as the VMSA

• Plan to upgrade to 6.7U3o (Build 18485166) as quickly as possible
• If this is not possible, then the documented workaround should be implemented as per KB 85717 
• Post implementing the workaround, plan to upgrade to 6.7U3o as soon as possible to protect against the remaining vulnerabilities

Windows vCenter 6.7 

Not impacted by the critical vulnerability CVE-2021-22005

All current versions affected by the CVEs that impact 6.7 Windows versions

6.7U3o (Build 18485166) released at the same time as the VMSA

Plan to upgrade to 6.7U3o as soon as possible to protect against the documented issues that do affect 6.7 Windows vCenter 

vCenter 6.5 (Windows and VCSA)

Not impacted by the critical vulnerability CVE-2021-22005

All current versions affected by the CVEs that impact vCenter 6.5 (Windows and/or VCSA)

6.5U3q (Build 18499837) released at the same time as the VMSA

Plan to upgrade to 6.5U3q as soon as possible to protect against the documented issues that do affect vCenter 6.5 (Windows and/or VCSA)