Tanzania Computer Emergency Response Team

VMware Remote Code Execution and Authentication Vulnerability (CVE-2021-21985, CVE-2021-21986)

27th May 2021

Advisory No: TZCERT/SA/2021/05/27 Date of First Release: 27th May 2021 Source: VMware Software Affected: VMware vCenter Server (vCenter Server)VMware Cloud Foundation (Cloud Foundation) Overview: Multiple vulnerabilities exist in vSphere Client (HTML5) that could cause remote code execution (CVE-2021-21985) and perform actions allowed by Virtual SAN Health Check plug-in without authentication (CVE-2021-21986). Description: The vSphere Client …

Chrome Security Update

26th May 2021

Google has released security updates to address vulnerabilities in Chrome prior to version 91.0.4472.77. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Chrome Release Note and apply necessary updates.

VMware Security Update

26th May 2021

VMware has released security updates to address vulnerabilities in VMware vCenter Server and VMware Cloud Foundation. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review VMware Security Advisory and apply necessary updates.

HP Security Update

26th May 2021

Hewlett Packard Enterprise has released security updates to address a vulnerability in HPE 3PAR and Primera SSMC. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review HP Security Advisory and apply necessary updates.

Archlinux Security Update

26th May 2021

Arch Linux has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Arch Linux Security Advisories and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

VMware Remote Code Execution and Authentication Vulnerability (CVE-2021-21985, CVE-2021-21986)

Chrome Security Update

VMware Security Update

HP Security Update

Archlinux Security Update

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)