VMware Security Announcement VMSA-2021-0006 CVSSv3 Score 7.5

Today VMware released a new Security advisory VMSA-2021-0006. This advisory affects VMware NSX-T, the updates address a privilege escalation vulnerability (CVE-2021-21981).

Impacted Products
  • VMware NSX-T
Introduction

A privilege escalation vulnerability in VMware NSX-T was privately reported to VMware. Updates are available to remediate this vulnerability in affected VMware product.

Privilege escalation vulnerability (CVE-2021-21981)

Description

VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. VMware has evaluated this issue to be 'Important' severity with a maximum CVSSv3 base score of 7.5.

Known Attack Vectors

Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level.

Resolution

This issue only affects NSX-T version 3.1.1, other versions are not affected. To remediate apply patched version 3.1.2. Download links will be provided below.

Notes

To exploit this issue, NSX Enterprise administrator must activate the local guest user account. It is not activated by default.

Workarounds

A workaround has been provided in KB83047. Privilege Escalation Observed with Role Assignment Permissions NSX-T 3.1.1 (83047) (vmware.com)

Do not activate local guest user and/or do not assign RBAC role with user-role assignment permission to local guest users.

References

VMware NSX-T 3.1.2
Downloads and Documentation:
https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=NSX-T-312&productId=982&rPId=64728
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/index.html

Link to official advisory

VMSA-2021-0006 (vmware.com)

Thanks for reading!