Vulnerabilities in plugins that ship with vCenter Server have been disclosed by VMware. These vulnerabilities and their impact on VMware products are documented in the following VMware Security Advisories (VMSAs):
- CVE-2021-21972 - VMSA-2021-0002 (vRealize Operations Manager Plugin)
- CVE-2021-21985 - VMSA-2021-0010 (Virtual SAN Health Check Plugin)
- CVE-2021-21986 - VMSA-2021-0010 (Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability Plugins)
For more information see https://kb.vmware.com/s/article/83829