CVE-2021-21972

VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system. Vendor/Product: VMware vCenter Server. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.