18th September 2021

New Remote Code Execution Vulnerability Affecting the VMware View Planner Product – CVE-2021-21978

On March 10, 2021, a critical vulnerability with a CVSS V3.1 Score of 9.8 was published in the VMware View Planner product that could lead to remote code execution. Due to the criticality and high score of this vulnerability, it is recommended to install the following patch. In addition, since the vulnerability and patch have been released, it is believed that attackers could examine and work on this fix and generate exploit codes. So, switch the security patch below to your system.

CVE-2021-21978
CVE-2021-21978

 

Affected Systems and CVE/CWE

It has been stated that the following system/product is affected:

  • VMware View Planner 4.6

CVE/CWE: CVE-2021-21978cybe

Solution Offers

It is recommended to install the updates listed in the table below.

Product  Security Patch
VMware View Planner 4.6 View Planner 4.6 Security Patch 1

Note: Those with a CVSS 3.1 score (out of 10) 7.0-8.9 are considered “high”, those with 9.0-10.0 are considered “critical” vulnerabilities.

Reference:

  • https://www.vmware.com/security/advisories/VMSA-2021-0003.html
  • https://nvd.nist.gov/vuln/detail/CVE-2021-21978
LEARN MORE  How to Install Oracle VirtualBox on Windows?

Leave a Reply

Your email address will not be published. Required fields are marked *