Home VMware Workaround Instructions for CVE-2021-21972 and CVE-2021-21973 on VMware vCenter Server (82374)

Workaround Instructions for CVE-2021-21972 and CVE-2021-21973 on VMware vCenter Server (82374)

by Roger Lund

New VMware KB that I wanted to outline.

“The vCenter Server team has investigated CVE-2021-21972 and CVE-2021-21973 and have determined that the possibility of exploitation can be removed by performing the steps detailed in the Workaround section of this article. This workaround is meant to be a temporary solution until updates documented in VMSA-2021-0002 can be deployed.

Impacted and Fixed vCenter Server Versions:

VersionImpacted VersionsFixed VersionRelease DateVAMI/Release Notes
Build Number
Client/MOB/vpxd.log
Build Number
 7.0  All versions prior to 7.0 U1c        7.0 U1c (or later)2020-12-1717327517 (or later)    17327586 (or later)
 6.7 VCSAAll versions prior to 6.7 U3l        6.7 U3l (or later)2020-11-1917138064 (or later)   17137327 (or later)
         6.7 Windows          All versions prior to 6.7 U3l         6.7 U3l (or later)2020-11-1917138064 (or later)   17137232 (or later)
VersionImpacted VersionFixed VersionRelease DateBuild Number
6.5 (VCSA and Windows)                All versions prior to 6.5 U3n                  6.5 U3n (or later)2021-02-23          17590285(or later)

More info https://kb.vmware.com/s/article/82374

You may also like