This site will be decommissioned on December 31st 2024. After that date content will be available at techdocs.broadcom.com.

vCenter Server 7.0 Update 2b | 25 MAY 2021 | ISO Build 17958471

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

What's New

  • vCenter Server 7.0 Update 2b delivers security fixes documented in the Resolved Issues section.

Earlier Releases of vCenter Server 7.0

Features, resolved and known issues of vCenter Server are described in the release notes for each release. Release notes for earlier releases of vCenter Server 7.0 are:

For internationalization, compatibility, installation, upgrade, open source components and product support notices, see the VMware vSphere 7.0 Release Notes.
For more information on vCenter Server supported upgrade and migration paths, please refer to VMware knowledge base article 67077.

Patches Contained in This Release

This release of vCenter Server 7.0 Update 2b delivers the following patch. See the VMware Patch Download Center for more information on downloading patches.

Patch for VMware vCenter Server Appliance 7.0 Update 2b

Product Patch for vCenter Server containing VMware software fixes, security fixes, and third-party product fixes.

This patch is applicable to vCenter Server.

Download Filename VMware-vCenter-Server-Appliance-7.0.2.00200-17958471-patch-FP.iso
Build 17958471
Download Size 5393.2 MB
md5sum 5808bb983c3ed013e25c3d897f224002
sha1checksum 1004942abfcac5ff12d9a1d50685ac857535f1dd

Download and Installation

You can download this patch by going to the VMware Patch Download Center and selecting VC from the Select a Product drop-down menu.

  1. Attach the VMware-vCenter-Server-Appliance-7.0.2.00200-17958471-patch-FP.iso file to the vCenter Server CD or DVD drive.
  2. Log in to the appliance shell as a user with super administrative privileges (for example, root) and run the following commands:
    • To stage the ISO:
      software-packages stage --iso
    • To see the staged content:
      software-packages list --staged
    • To install the staged rpms:
      software-packages install --staged

For more information on using the vCenter Server shells, see VMware knowledge base article 2100508.

For more information on patching vCenter Server, see Patching the vCenter Server Appliance.

For more information on staging patches, see Stage Patches to vCenter Server Appliance.

For more information on installing patches, see Install vCenter Server Appliance Patches.

For more information on patching using the Appliance Management Interface, see Patching the vCenter Server by Using the Appliance Management Interface.

Resolved Issues

The resolved issues are grouped as follows.

Security Issues
  • VMware vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the VMware vSAN health check plug-in. A malicious actor with network access to port 443 might exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2021-21985 to this issue. For more information, see VMware Security Advisory VMSA-2021-0010.

  • VMware vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the vSAN health check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability Client plug-ins. A malicious actor with network access to port 443 on vCenter Server might perform actions allowed by the impacted plug-ins without authentication. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2021-21986 to this issue. For more information, see VMware Security Advisory VMSA-2021-0010.

Known Issues from Prior Releases

To view a list of previous known issues, click here.

check-circle-line exclamation-circle-line close-line
Scroll to top icon