VMware Cloud Community
Jimmy15
Enthusiast

VMSA-2021-0002

Hi,

I have gone through the vulnerability description and workaround by VMware.

Workaround Instructions for CVE-2021-21972 and CVE-2021-21973 on VMware vCenter Server (82374)

I don't have the vROPs plugin in my environment, not even any plugin on the vSphere Client.

Are my vCenters still vulnerable?

However, we are planning to update to the recommended level.

Regards

Pankaj S.

 





PS: Mark kudos or correct answer as appropriate 🙂
sjesse
Leadership

You should look at setting up Skyline

 

https://www.vmware.com/support/services/skyline.html

 

I think it's free as long as you have support. It scans your vCenter and lets you know about critical issues it finds; if something is fixed, the finding will go away.

bryanvaneeden
Hot Shot

Well. There are two things that you should be aware of:

  1. The vROPS plugin is installed by default on any installation. vROPS doesn't actually have to be present for you to have the plugin installed.
  2. As long as the plugin is marked as incompatible, you are good to go. If it's not there at all I'd say you are also good to go but that wouldn't make sense since this thing is already there on any default installation.

You can see if the plugin is there under Administration -> Solutions -> Client Plug-Ins like below:

[Screenshot of the Client Plug-Ins list]

In the above example you would be vulnerable. But I've updated so I'm good. The update itself takes about 5 minutes, depending on where you are coming from.

Visit my blog at https://vcloudvision.com!
PS9
Contributor

Hi,

In my opinion, even though the (preinstalled) vRops plugin (no matter whether it was installed manually or not) is not obvious in older variants of 6.5, it is still there, since HTML 5 was introduced at that time, and the caveat was identified once the WebUI client became fully functional with HTML 5.

So I completely agree with the two other experts that VCSA 6.5 is vulnerable and the fix should be applied ASAP.

Regards

 

 

 

 
