Lucene search
VmwareCVELIST:CVE-2021-22008HistorySep 23, 2021 - 11:41 a.m.
CVE-2021-22008
2021-09-2311:41:28
vmware
www.cve.org
5
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information.
CNA Affected
[
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
]Related
zdi
zdi
cve
cve
CVE-2021-22008
2021-09-23 12:15:07
nvd
nvd
CVE-2021-22008
2021-09-23 12:15:07
cnvd
cnvd
VMware vCenter Server Information Disclosure Vulnerability (CNVD-2021-74283)
2021-09-24 00:00:00
prion
prion
Information disclosure
2021-09-23 12:15:00
nessus
nessus
VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
ibm
ibm
vmware
vmware
VMware vCenter Server updates address multiple security vulnerabilities
2021-09-21 00:00:00
VMware vCenter Server updates address multiple security vulnerabilities
2021-09-21 00:00:00
thn
thn
VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server
2021-09-22 03:09:00