9.8
CVE-2021-26987
- EPSS 1.87%
- Veröffentlicht 15.03.2021 22:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:08
- Quelle security-alert@netapp.com
- CVE-Watchlists
- Unerledigt
LoginElement Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Spring Boot Version < 1.3.2
Netapp ≫ Management Services For Element Software And Netapp Hci Version < 2.17.56
Netapp ≫ Solidfire & Hci Management Node Version <= 12.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.87% | 0.815 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|