Design/Logic Flaw

2021-09-2312:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.0%

JSON

vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.

CPENameOperatorVersion
cloud_foundationge3.0
cloud_foundationlt5.0
vcenter_servereq6.5
vcenter_servereq6.7
vcenter_servereq7.0

Name	Operator	Version
cloud_foundation	ge	3.0
cloud_foundation	lt	5.0
vcenter_server	eq	6.5
vcenter_server	eq	6.7
vcenter_server	eq	7.0

References

www.vmware.com/security/advisories/VMSA-2021-0020.html