Lucene search
VmwareCVELIST:CVE-2021-21993HistorySep 23, 2021 - 11:37 a.m.
CVE-2021-21993
2021-09-2311:37:24
vmware
www.cve.org
1
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.
CNA Affected
[
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
]Related
prion
prion
Server side request forgery (ssrf)
2021-09-23 12:15:00
nvd
nvd
CVE-2021-21993
2021-09-23 12:15:07
cve
cve
CVE-2021-21993
2021-09-23 12:15:07
cnvd
cnvd
VMware vCenter Server Server-Side Request Forgery Vulnerability
2021-09-24 00:00:00
ibm
ibm
nessus
nessus
VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
vmware
vmware
VMware vCenter Server updates address multiple security vulnerabilities
2021-09-21 00:00:00
VMware vCenter Server updates address multiple security vulnerabilities
2021-09-21 00:00:00
thn
thn
VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server
2021-09-22 03:09:00