VMware is pervasive in healthcare, it's time to check you servers if you haven't already done so.
FTA
The security flaw, which VMware disclosed and patched on Tuesday, resides in the vCenter Server, a tool used for managing virtualization in large data centers. vCenter Server is used to administer VMware’s vSphere and ESXi host products, which by some rankings are the first and second most popular virtualization solutions on the market. Enlyft, a site that provides business intelligence, shows that more than 43,000 organizations use vSphere.
“Serious”
A VMware advisory said that vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet. The vulnerability is tracked as CVE-2021-21985 and has a severity score of 9.8 out of 10.
---
Time to get to work.
#heatlhcare #cybersecurity #vmwarevsphere #healthit #cio #cmio #chime #himss
This transcription is provided by artificial intelligence. We believe in technology but understand that even the most intelligent robots can sometimes get speech recognition wrong.
Today in Health it, this story is VMware vCenter Vulnerability has a severity rating of 9.8 out of 10. This is serious. My name is Bill Russell. I'm a former CIO for a 16 hospital system and creator of this week in Health IT at channel dedicated to keeping health IT staff and engaged. Our sponsor for today is me.
I provide executive coaching for health leaders around technology and it, if you wanna learn more, check out health lyrics. Dot com. Alright, today's story comes from ours, Technica Vulnerability and VMware product has severity rating of 9.8 out of 10. Remote code execution flaw in vCenter server poses serious risk to data centers.
And as you know, VMware and vSphere is pervasive around healthcare. Let me go on to the article. Data centers around the world have a new concern to contend with a remote code vulnerability in a widely used VMware product. The security flaw, which . VMware disclosed and patched on Tuesday resides in the vCenter Server, a tool used for managing virtualization in large data centers.
vCenter Server is used to administer VMware's, vSphere and ESXI host products, which by some rankings are the first and second most popular virtualization solutions on the market, and lift a site that provides business intelligence shows that more than 43,000 organizations use vSphere. A VMware advisory said that vCenter's machines using default configurations have a bug that in many networks, allows for the execution of malicious code.
When the machines are reachable on a port that is exposed to the internet, the vulnerability is tracked as CVE dash 2021 dash 21 9 85, and has a severity score of 9.8 out of 10. The vSphere client contains a remote code execution vulnerability due to the lack of input, validation in the virtual San.
Health Check plugin, which is enabled by default in vCenter Server Tuesday's. Advisory stated, VMware has evaluated the severity of this issue to be in the critical severity range with a maximum C-V-S-S-V three base score of 9.8. A malicious actor with a network access to Port 4 43 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter.
Server independent researcher, Kevin Beaumont, agreed vCenter is a virtualization management software. He said in an interview, if you hack it, you control the virtualization layer, which allows access before the OSS layer. This is a serious vulnerability, so organizations should patch or restrict access to the vCenter server to authorized administrators.
Should in a service that catalog site services available on the internet shows that there are almost 5,600 public facing vCenter machines. Most of all of those reside in large data centers, potentially hosting terabytes of sensitive data should in shows. That the top users of vCenter servers exposed on the internet are Amazon hener online, G-M-B-H-O-V-H, SaaS and Google, CVE dash 2021 dash 21 9 8 5 is the second vCenter vulnerability this year to carry a 9.8 rating within a day of VMware, patching the vulnerability in February.
Proof of concept exploits appeared from at least six different sources. The disclosure set off a frantic round of mass internet scans as attackers and defenders alike search for vulnerable servers. Visa Center versions 6.5, 6.7 and 7.0 are all affected. Organizations with vulnerable machines should prioritize this patch.
Those who can't install immediately should follow Beaumont's. Workaround advice. VMware has more workaround guidance. Here and there's a link to a place with the workaround guidance. The so what for this goes without saying, VMware is pervasive in healthcare. It's time to get to work and patch the flaw as quickly as possible.
That's all for today. If you know of someone that might benefit from our channel, please forward them a note. They can subscribe on our website this week, health.com, or wherever you listen to podcasts. Apple, Google Overcast, Spotify, Stitcher. You get the picture. We are everywhere. We wanna thank our channel sponsors who are investing in our mission to develop the next generation of health leaders, VMware Hillrom, Starbridge Advisors, McAfee and Aruba Networks.
Thanks for listening. That's all for now.