Lucene search
PRIOn knowledge basePRION:CVE-2021-21973HistoryFeb 24, 2021 - 5:15 p.m.
Server side request forgery (ssrf)
2021-02-2417:15:00
PRIOn knowledge base
www.prio-n.com
11
The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
Related
cisa_kev
cisa_kev
nvd
nvd
CVE-2021-21973
2021-02-24 17:15:15
attackerkb
attackerkb
CVE-2021-21973
2021-02-24 00:00:00
nuclei
nuclei
VMware vSphere - Server-Side Request Forgery
2022-01-27 10:20:44
cvelist
cvelist
CVE-2021-21973
2021-02-24 16:42:02
cve
cve
CVE-2021-21973
2021-02-24 17:15:15
nessus
nessus
VMware vCenter Server SSRF (CVE-2021-21973) (Direct Check)
2022-08-23 00:00:00
checkpoint_advisories
checkpoint_advisories
VMware vSphere Client Remote Code Execution (CVE-2021-21972; CVE-2021-21973)
2021-02-28 00:00:00
ibm
ibm
githubexploit
githubexploit
Exploit for Improper Privilege Management in Vmware Cloud Foundation
2021-10-03 23:03:11
Exploit for Improper Privilege Management in Vmware Cloud Foundation
2021-04-06 10:38:40
Exploit for Improper Privilege Management in Vmware Cloud Foundation
2021-10-03 23:03:11
cisa
cisa
VMware Releases Multiple Security Updates
2021-02-24 00:00:00
CISA Adds 11 Known Exploited Vulnerabilities to Catalogβ―
2022-03-07 00:00:00
vmware
vmware
rapid7blog
rapid7blog
threatpost
threatpost
VMWare Patches Critical RCE Flaw in vCenter Server
2021-02-24 17:14:55
thn
thn
Critical RCE Flaws Affect VMware ESXi and vSphere Client β Patch Now
2021-02-24 07:54:00