How To Fix CVE-2021-22048- IWA Privilege Escalation Vulnerability In VMware vCenter Server

The VCenter Server recently disclosed a high severity privilege escalation vulnerability in the Integrated Windows Authentication (IWA) mechanism known as CVE-2021-22048. A threat actor can exploit this vulnerability using non-administrative access to vCenter Server and use a loophole to elevate privileges to a higher privilege group. Since the vulnerability allows attackers to escalate privilege escalation, it’s critical to learn how to fix CVE-2021-22048, IWA Privilege Escalation Vulnerability in VMware VCenter.

VMware vCenter Server

VMware vCenter Server is an advanced server management tool providing a centralized platform to control vSphere environments for visibility across hybrid clouds. It gives deep visibility into the configuration of critical components of a virtual infrastructure from a single unit. 

Virtual environments are easier to manage using a vCenter Server as a single administrator can manage multiple workloads and increase productivity. Moreover, it can allocate and optimize resources for increased efficiency. 

Summary Of CVE-2021-22048

IWA Privilege Escalation Vulnerability in VMware vCenter was reported to VMware, allowing threat actors with non-administrative access to the vCenter Server to exploit this vulnerability and elevate privileges to a higher-privileged group. 

VMware vCenter Server Versions Affected By CVE-2021-22048

Here are the products affected by CVE-2021-22018-IWA Privilege Escalation Vulnerability in VMware vCenter.

How To Fix CVE-2021-22048- IWA Privilege Escalation Vulnerability In VMware vCenter?

VMware has investigated that the exploitation possibility can be eliminated by performing the workaround steps discussed below. The workaround needs to change the SSO identity configuration from IWA to one of the following options. 

Active Directory over the LDAP authentication is not affected by the CVE-2021-22048. However, it does not understand domain trusts, so users switching to this method must configure a unique identity resource for all the trusted domains. Identity Provider Federation for AD FS doesn’t have this limitation.

How To Upgrade VMware vCenter Server?

Here are the steps you can follow to update VMware vCenter Server Appliance.

We hope this post would help you know how to fix CVE-2021-22048, IWA Privilege Escalation Vulnerability in VMware VCenter. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.