Design/Logic Flaw

2021-09-2312:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service.

CPENameOperatorVersion
cloud_foundationge3.0
cloud_foundationlt5.0
vcenter_servereq6.7
vcenter_servereq7.0

Name	Operator	Version
cloud_foundation	ge	3.0
cloud_foundation	lt	5.0
vcenter_server	eq	6.7
vcenter_server	eq	7.0

References

www.vmware.com/security/advisories/VMSA-2021-0020.html