Lucene search
Sergey Gerasimov and George webpentest Noseevich of SolidLabZDI-21-1110HistorySep 22, 2021 - 12:00 a.m.
VMware vCenter Server Appliance External Control of File Path Denial-of-Service Vulnerability
2021-09-2200:00:00
Sergey Gerasimov and George webpentest Noseevich of SolidLab
www.zerodayinitiative.com
16
0.003 Low
EPSS
Percentile
70.3%
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of VMware vCenter Server Appliance. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of jsonrpc messages. A crafted request can trigger a file read operation of a blocking or slow character stream. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
nvd
nvd
CVE-2021-22009
2021-09-23 12:15:07
zdi
zdi
prion
prion
Design/Logic Flaw
2021-09-23 12:15:00
cvelist
cvelist
CVE-2021-22009
2021-09-23 11:51:32
cnvd
cnvd
VMware vCenter Server Denial of Service Vulnerability (CNVD-2021-74280)
2021-09-24 00:00:00
cve
cve
CVE-2021-22009
2021-09-23 12:15:07
nessus
nessus
VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020)
2021-09-22 00:00:00
ibm
ibm
vmware
vmware
VMware vCenter Server updates address multiple security vulnerabilities
2021-09-21 00:00:00
VMware vCenter Server updates address multiple security vulnerabilities
2021-09-21 00:00:00
thn
thn
VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server
2021-09-22 03:09:00