9
CVE-2021-22014
- EPSS 1.62%
- Veröffentlicht 23.09.2021 12:15:08
- Zuletzt bearbeitet 21.11.2024 05:49:26
- Quelle security@vmware.com
- Teams Watchlist Login
- Unerledigt Login
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Cloud Foundation Version >= 3.0 < 5.0
VMware ≫ Vcenter Server Version6.5 Update-
VMware ≫ Vcenter Server Version6.7 Update-
VMware ≫ Vcenter Server Version7.0 Update-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.62% | 0.81 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|