This article encloses two announced security vulnerabilities with vCenter server.
VMSA-2022-0018 – VMware vCenter Server updates address a server-side
request forgery vulnerability (CVE-2022-22982)
Please see the advisory and the required security patches here:
https://www.vmware.com/security/advisories/VMSA-2022-0018.html
Impacted Products:
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)
VMSA-2021-0025.2 – VMware vCenter Server updates address a privilege
escalation vulnerability (CVE-2021-22048)
Please see the updated advisory here:
https://www.vmware.com/security/advisories/VMSA-2021-0025.html
Changelog:
2022-07-12 VMSA-2021-0025.2
Added fixed version of vCenter Server 7.0 in the Response Matrix.
Leave a Reply