Vulnerabilities in Vmware, (CVE-2021-21972), (CVE-2021-21973), (CVE-2021-21974).

They affect Vmware versions 7.0, 6.7 and 6.5, in products such as vCenter and ESXi. The vulnerability exploits through the vROP plugin (vRealize Operation Manager), the same vulnerability can cause damage, regardless of whether or not vROP is deployed on the vCenter Server. The attack or malicious code can enter through port 443 (vCenter Communication Port) and through port 427 of the ESXi Hypervisor.

Reference Link.

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

To configure the vROP plugin as incompatible, the information is in the following link

https://kb.vmware.com/s/article/82374.

To proceed with the deactivation of the SLP service, I attach a reference link: https://kb.vmware.com/s/article/76372.
1

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month