Vulnerability CVE-2021-21972


Published: 2021-02-24

Description:
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).

See advisories in our WLB2 database:

Risk   Topic                                                            Author        Date
High   VMware vCenter 6.5 / 7.0 Remote Code Execution Proof Of Concept  NebulabdSec   25.02.2021
High   VMware vCenter Server 7.0 Unauthenticated File Upload            Photubias     01.03.2021
High   VMware vCenter 6.5 / 6.7 / 7.0 Remote Code Execution             CHackA0101    25.06.2021

Type: CWE-269 (Improper Privilege Management)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10

Exploit range: Remote
Attack complexity: Low
Authentication: Not required

Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Affected software:
VMware -> Cloud Foundation
VMware -> vCenter Server

References:
http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html
https://www.vmware.com/security/advisories/VMSA-2021-0002.html

Copyright 2024, cxsecurity.com
