This site will be decommissioned on December 31st 2024. After that date content will be available at techdocs.broadcom.com.

vCenter Server 6.5 Update 3p | 25 MAY 2021 | ISO Build 17994927
vCenter Server Appliance 6.5 Update 3p | 25 MAY 2021 | ISO Build 17994927

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

What's New

  • vCenter Server 6.5 Update 3p delivers security fixes documented in the Resolved Issues section.

Earlier Releases of vCenter Server 6.5

Features and known issues of vCenter Server are described in the release notes for each release. Release notes for earlier releases of vCenter Server 6.5 are:

For internationalization, compatibility, and installation notices, see the VMware vSphere 6.5 Release Notes.

For more information on vCenter Server supported upgrade and migration paths, please refer to VMware knowledge base article 67077.

Patches Contained in This Release

This release of vCenter Server 6.5 Update 3p delivers the following patches. See the VMware Patch Download Center for more information on downloading patches.

NOTE: vCenter Server 6.5 Update 3p does not provide a security patch to update the JRE component of vCenter Server for Windows and Platform Services Controller for Windows. Instead, you must download the VMware-VIM-all-6.5.0-17994927.iso file from Download Patches on vmware.com.

Full Patch for VMware vCenter Server Appliance 6.5 Update 3p

Product Patch for vCenter Server Appliance 6.5 containing VMware software fixes, security fixes, and Third Party Product fixes (for example: JRE and tcServer).

This patch is applicable to the vCenter Server Appliance and Platform Services Controller Appliance.

For vCenter Server and Platform Services Controller Appliances

Download Filename VMware-vCenter-Server-Appliance-6.5.0.35000-17994927-patch-FP.iso
Build 17994927
Download Size 1716.2 MB
md5sum 6aba95342399ac396c1e793370924620
sha1checksum c9778304ec0dd4f02574aaf3295346a4369dbd76

Download and Installation

You can download this patch by going to the VMware Patch Download Center and selecting VC from the Select a Product drop-down menu.

  1. Attach the VMware-vCenter-Server-Appliance-6.5.0.35000-17994927-patch-FP.iso file to the vCenter Server Appliance CD or DVD drive.
  2. Log in to the appliance shell as root and run the commands given below:
    • To stage the ISO:

      software-packages stage --iso

    • To see the staged content:

      software-packages list --staged

    • To install the staged rpms:

      software-packages install --staged

For more information on patching the vCenter Server Appliance, see Patching the vCenter Server Appliance.

For more information on staging patches, see Stage Patches to vCenter Server Appliance.

For more information on installing patches, see Install vCenter Server Appliance Patches.

For issues resolved in this patch see Resolved Issues.

For Photon OS updates, see VMware vCenter Server Appliance Photon OS Security Patches

For more information on patching using the Appliance Management Interface, see Patching the vCenter Server Appliance by Using the Appliance Management Interface.

Resolved Issues

The resolved issues are grouped as follows.

Security Issues
  • VMware vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the VMware vSAN health check plug-in. A malicious actor with network access to port 443 might exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2021-21985 to this issue. For more information, see VMware Security Advisory VMSA-2021-0010.

  • VMware vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the vSAN health check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability Client plug-ins. A malicious actor with network access to port 443 on vCenter Server might perform actions allowed by the impacted plug-ins without authentication. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2021-21986 to this issue. For more information, see VMware Security Advisory VMSA-2021-0010.

Known Issues from Earlier Releases

To view a list of previous known issues, click here.

check-circle-line exclamation-circle-line close-line
Scroll to top icon