November 21, 2021
VMware has investigated and confirmed possible exploits that can be performed by a malicious attacker using “privileged account escalation” method.
A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.
This workaround requires that the SSO (Single Sign-On) identity source configuration is switched from Integrated Windows Authentication (IWA) to one of the options below.
VMware announced this on their Security Solutions Advisory as:
VMSA-2021-0025.1: VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
Impacted Products are as follows:
Currently there is no resolution — until a patch becomes available.
VMware suggest implementing a workaround:
Contact Cornerstone.IT — We are here to assist you.