5.3
CVE-2021-22011
- EPSS 0.59%
- Published 23.09.2021 12:15:07
- Last modified 21.11.2024 05:49:26
- Source security@vmware.com
- Teams watchlist Login
- Open Login
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.
Data is provided by the National Vulnerability Database (NVD)
VMware ≫ Cloud Foundation Version >= 3.0 < 5.0
VMware ≫ Vcenter Server Version6.5 Update-
VMware ≫ Vcenter Server Version6.7 Update-
VMware ≫ Vcenter Server Version7.0 Update-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.59% | 0.683 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|