9.8
CVE-2021-26987
- EPSS 1.87%
- Published 15.03.2021 22:15:13
- Last modified 21.11.2024 05:57:08
- Source security-alert@netapp.com
- Teams watchlist Login
- Open Login
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.
Data is provided by the National Vulnerability Database (NVD)
VMware ≫ Spring Boot Version < 1.3.2
Netapp ≫ Management Services For Element Software And Netapp Hci Version < 2.17.56
Netapp ≫ Solidfire & Hci Management Node Version <= 12.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.87% | 0.815 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|