Skip to content

vikerup/Get-vSphereVersion

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 

Repository files navigation

Get-vSphereVersion

Getting started

Get-vSphereVersion is a simple way of verifying the current version of a VMWare vCenter Server.

Usage

PS C:\> iex (new-object net.webclient).downloadstring("https://raw.githubusercontent.com/vikerup/Get-vSphereVersion/main/Get-vSphereVersion.ps1")

PS C:\> Get-vSphereVersion -servername 192.168.0.10


name          : VMware vCenter Server
fullName      : VMware vCenter Server 7.0.0 build-16386335
vendor        : VMware, Inc.
version       : 7.0.0
build         : 16386335
localeVersion : INTL
localeBuild   : 000
osType        : linux-x64
productLineId : vpx
apiType       : VirtualCenter
apiVersion    : 7.0.0.0

VMware vCenter unauthenticated remote code execution CVEs

CVE-2021-22005

Fixed in:

  • 7.0 Build 18356314
  • 6.7 VCSA/Windows Build 18485166
  • 6.5/6.0 not vulnerable

POC: https://github.com/r0ckysec/CVE-2021-22005

VMware: https://kb.vmware.com/s/article/85717

CVE-2021-21972:

Fixed in:

  • 7.0 Build 17327517
  • 6.7 VCSA/Windows Build 17138064
  • 6.5 Build 17590285

POC: https://github.com/horizon3ai/CVE-2021-21972

VMware: https://kb.vmware.com/s/article/82374

CVE-2020-3952:

Fixed in:

  • 7.0 not vulnerable
  • 6.7 VCSA/Windows Build 15976714
  • 6.5/6.0 not vulnerable

Note that vCenter must be in-placed upgraded from 6.0/6.5 to 6.7 to be vulnerable

POC: https://github.com/guardicore/vmware_vcenter_cve_2020_3952

VMware: https://blogs.vmware.com/vsphere/2020/04/vsphere-vmsa-2020-0006-cve-2020-3952.html

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published