
Cloud Vulnerability DB
A community-led vulnerabilities database
OpenSLP as used in VMware ESXi contains a denial-of-service vulnerability, CVE-2021-21995, which VMware disclosed on July 13, 2021. The affected products are VMware ESXi 6.5, 6.7 and 7.0, and VMware Cloud Foundation 3.x and 4.x. The root cause is a heap out-of-bounds read in the OpenSLP service: an attacker with network access to port 427 on an ESXi host can trigger the bad read with a crafted SLP request and crash the service (VMware Advisory).
The vulnerability carries a CVSS v3.1 base score of 7.5 HIGH (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and a CVSS v2.0 score of 5.0 MEDIUM, and is categorized as CWE-125 (Out-of-bounds Read). The vector is worth reading literally: the bug is reachable over the network (AV:N) without credentials (PR:N) or user interaction (UI:N), and the only impact is availability (A:H). The vulnerable service is the OpenSLP daemon listening on port 427 (the standard SLP port, TCP and UDP) on ESXi hosts where it is enabled (NVD).
When exploited, the vulnerability results in a denial-of-service condition on the affected ESXi host. The impact is limited to service availability; no compromise of confidentiality or integrity has been reported (VMware Advisory). Because the vulnerable service is reachable unauthenticated on a hypervisor management interface, exposure of port 427 to untrusted networks is the condition to check for first.
VMware has released patches for all three affected ESXi branches (6.5, 6.7 and 7.0). The fixed release for ESXi 6.5 is ESXi650-202107401-SG; the fixed builds for 6.7 and 7.0 are listed in the VMware advisory for this CVE (VMSA-2021-0014), which should be consulted directly for the current patch identifiers. Where OpenSLP is not needed (it is only required by CIM clients that discover hosts via SLP), VMware recommends disabling the service, as in its Security Configuration Guides; the step-by-step workaround, which stops slpd, closes the CIMSLP firewall ruleset and keeps the service off across reboots, is documented in KB76372 (VMware Advisory).
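The following shell script is an added example and is not code from the Wiz page or from VMware. It audits an ESXi host for the two conditions that keep CVE-2021-21995 reachable (the CIMSLP firewall ruleset enabled and slpd configured to start at boot) and wraps the KB76372 workaround commands. It assumes the ESXi shell tools esxcli, chkconfig and /etc/init.d/slpd with their documented output formats; the sample listings embedded below are constructed, not captured from a real host, so the parsing logic can be exercised offline.

```shell
#!/bin/sh
# Added example (not from the Wiz page or from VMware): audit an ESXi host's
# exposure to CVE-2021-21995 and apply the KB76372 workaround (disable OpenSLP).
# Assumptions: esxcli, chkconfig and /etc/init.d/slpd exist as on ESXi 6.5-7.0.
# The parsing helpers are pure and are exercised on constructed sample output.

# Constructed sample of `esxcli network firewall ruleset list` (not real host output).
SAMPLE_RULESETS='Name                 Enabled
-------------------  -------
sshServer            true
sshClient            false
CIMSLP               true
CIMHttpServer        true'

# Constructed sample of `chkconfig --list` (not real host output).
SAMPLE_CHKCONFIG='ntpd               off
slpd               on
sfcbd-watchdog     on'

# Exit 0 when the CIMSLP firewall ruleset is enabled in the listing on stdin,
# i.e. port 427 is reachable through the ESXi firewall.
slp_ruleset_enabled() {
    awk 'BEGIN { s = 1 } $1 == "CIMSLP" && $2 == "true" { s = 0 } END { exit s }'
}

# Exit 0 when slpd is configured to start at boot in `chkconfig --list` output
# on stdin, i.e. a stop-only workaround would not survive a reboot.
slpd_starts_at_boot() {
    awk 'BEGIN { s = 1 } $1 == "slpd" && $2 == "on" { s = 0 } END { exit s }'
}

# One-word verdict for a host, given the two listings as arguments:
#   exposed   - firewall open and service enabled at boot
#   partial   - only one of the two is still on (workaround incomplete)
#   mitigated - firewall closed and service disabled at boot
slp_verdict() {
    rulesets=$1; chkcfg=$2
    fw=0; boot=0
    printf '%s\n' "$rulesets" | slp_ruleset_enabled && fw=1
    printf '%s\n' "$chkcfg" | slpd_starts_at_boot && boot=1
    case "$fw$boot" in
        11) echo exposed ;;
        00) echo mitigated ;;
        *)  echo partial ;;
    esac
}

# Live audit in the ESXi shell (not run by the offline check).
audit_slp_live() {
    slp_verdict "$(esxcli network firewall ruleset list)" "$(chkconfig --list)"
}

# KB76372 workaround: stop slpd, close its firewall ruleset, keep it off after
# reboot, then verify. Run as root in the ESXi shell on a host that cannot be
# patched yet and that does not need SLP for CIM client discovery.
disable_slp_live() {
    /etc/init.d/slpd stop
    esxcli network firewall ruleset set -r CIMSLP -e 0
    chkconfig slpd off
    chkconfig --list | grep slpd                          # expect: slpd  off
    esxcli network firewall ruleset list | grep CIMSLP    # expect: CIMSLP  false
}
```

The verdict deliberately treats "firewall closed but slpd still on at boot" as partial: a host in that state is safe until someone re-enables the ruleset or a host profile reapplies it. From the network side, the same exposure can be confirmed with a port scan of 427/tcp and 427/udp from the segment the attacker would sit on; the workaround is a stopgap, and the patch from VMSA-2021-0014 remains the actual fix.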
The vulnerability was discovered and reported by VictorV (Tangtianwen) of Kunlun Lab. VMware rates the issue in its Moderate severity range, one step below the HIGH band implied by the CVSS v3.1 score (VMware Advisory).
Source: This report was generated using AI