vCenter Server critical vulnerability CVE-2021-22005 and vCenter Server Security best practices

preview_player
Показать описание
VMware recently released news of a new nasty security bug affecting vCenter Server. It allows an attacker with only network access to port 443 to upload specially crafted malicious code to vCenter and run arbitrary commands. It is already in the wild. What is this new vulnerability? How can organizations protect themselves?

Also, what are some vCenter Server security best practices that can help organizations secure their vCenter Servers? There are three I talk about in the video. These are:

- Keep vCenter Server updates
- Network segmentation
- Credentials segmentation

Applying vCenter Server updates - why is this important?

How does network segmentation help with vCenter Server security threats? What tools can you make use of if you can't move vCenter Server to a separate management network?

Why is thinking about your credentials important? How can you segment your credentials?

Links relevant to the video:

If you can't use the VAMI interface, learn how to manually patch vCenter Server here:

  1. VirtualizationHowto
  2. critical vulnerability
  3. cve-2021-22005
  4. cybersecurity
  5. ransomware
  6. security best practices
Рекомендации по теме
vCenter Server critical 0:12:43

vCenter Server critical vulnerability CVE-2021-22005 and vCenter Server Security best practices

Workaround For CVE-2021-22005 0:05:07

Workaround For CVE-2021-22005

vCenter PreAuth RCE 0:00:58

vCenter PreAuth RCE (CVE-2021-22005)

Use vCenter Server 0:13:36

Use vCenter Server firewall to protect vCenter against vCenter Server critical security bug CVE-2021

[Eng] EP4 - 0:11:22

[Eng] EP4 - VMware Enumeration script - CVE-2021-22005 exploitation demo

VMware warns of 0:05:12

VMware warns of critical bug in default vCenter Server installs

VMware vCenter Server 0:02:54

VMware vCenter Server Vulnerabilities CVE-2023

CVE-2021-21972 - VMware 0:03:57

CVE-2021-21972 - VMware vCenter Server Remote Code Execution

CVE-2022-22005 Poc 0:00:20

CVE-2022-22005 Poc

How to Fix 0:03:41

How to Fix VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-202

CVE-2021-21974 in VMware, 0:01:16

CVE-2021-21974 in VMware, explained

Patch those VMWare 0:04:32

Patch those VMWare vCenter Servers NOW!!!

VMWare vCenter Log4J 0:03:58

VMWare vCenter Log4J Workaround | VMSA-2021-0028 | CVE-2021-44228

[EN] VMware: How 0:16:03

[EN] VMware: How to detect the Log4j vulnerability on vCenter with Runecast, and how to patch it

Security Advisory: Critical 0:00:46

Security Advisory: Critical vulnerabilities in VMware

VMWare VSphere Exploit 0:05:01

VMWare VSphere Exploit Must Be Patched ASAP

CVE-2021-21972, CVE-2021-21973 - 0:05:28

CVE-2021-21972, CVE-2021-21973 - Security Advisory - VMWire Remote Code Vulnerability - Fix them Now

Threat of the 0:01:39

Threat of the Week: VMware vCenter Server Exploit

VMWare Critical Vulnerability 0:04:35

VMWare Critical Vulnerability CVE-2021-21982 for CVSS 9.1 can bypass authentication - Patch released

CVE-2021-21974: Demonstrating Remote 0:01:01

CVE-2021-21974: Demonstrating Remote Code Execution on VMware ESXi Server

VMWare ESXiArgs Ransomware 0:08:52

VMWare ESXiArgs Ransomware Attack | CVE-2021-21974 | Technical Details | OPENSLP

CVE-2021-21985 VCenter Pre-Auth 0:00:28

CVE-2021-21985 VCenter Pre-Auth RCE (Direct Shell)

*UPDATED* VMWare vCenter 0:08:21

*UPDATED* VMWare vCenter Log4J Workaround | VMSA-2021-0028 | CVE-2021-45046 | KB87081

Check-out the vulnerability 0:02:40

Check-out the vulnerability (CVE-2021-21985)

Комментарии
Автор

Do you know if there is any public exploit for this CVE? I'm doing a VAPT for my company and I think the version is vulnerable, but I would like to give a POC

albertobarbieri
Автор

good info...patched my appliances earlier this week 😂

seths