{"vulnerability": "CVE-2021-2201", "sightings": [{"uuid": "15cab232-6814-48d3-813f-5d742875f656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22017", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "70d2e614-6e76-4195-8916-9e3a85481451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22017", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971210", "content": "", "creation_timestamp": "2024-12-24T20:25:55.594875Z"}, {"uuid": "52380d18-c218-47cd-b0b8-bab36e63c2ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "6d8aa3af-d33b-4add-8469-7f102823f52d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22017", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:28.000000Z"}, {"uuid": "de15e8eb-7cdc-47ef-84dc-19e9617206de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:34.000000Z"}, {"uuid": "0e2d4252-0fbf-4dc8-9f4b-d92966ff07b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22017", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3me5bzf25og2i", "content": "", "creation_timestamp": "2026-02-05T21:02:49.317752Z"}, {"uuid": "c4446052-d3d5-4cee-a7b5-15e45eaf9190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vcenter_java_wrapper_vmon_priv_esc.rb", "content": "", "creation_timestamp": "2022-12-05T15:55:47.000000Z"}, {"uuid": "2f6cf854-0875-4b8e-af94-5340bf677667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/618", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aScanner for vScalation (CVE-2021-22015) a Local Privilege Escalation in VMWare vCenter\nURL\uff1ahttps://github.com/PenteraIO/vScalation---CVE-2021-22015", "creation_timestamp": "2021-09-30T07:19:54.000000Z"}, {"uuid": "80a195ab-6558-492e-bcab-47cfc141d8d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-22017", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/292a5f4c-3721-4997-8ec0-10bb36a907d9", "content": "", "creation_timestamp": "2026-02-02T12:28:28.690764Z"}, {"uuid": "f3bd7c6e-432a-453a-b1b0-601a1d32650a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/619", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aScanner for vScalation (CVE-2021-22015) a Local Privilege Escalation in VMWare vCenter\nURL\uff1ahttps://github.com/PenteraIO/vScalation-CVE-2021-22015", "creation_timestamp": "2021-09-30T07:28:29.000000Z"}, {"uuid": "67ac10f7-ad55-424e-9929-df127a3922d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22017", "type": "seen", "source": "https://t.me/arpsyndicate/1364", "content": "#ExploitObserverAlert\n\nCVE-2021-22017\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-22017. Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.\n\nFIRST-EPSS: 0.134920000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T02:09:02.000000Z"}, {"uuid": "ccd9ee0d-cb66-47f4-ba08-77e31b81dc27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "published-proof-of-concept", "source": "Telegram/fAsd61VO3nPW5U0SuKoSPAdef0FfXWDE7emr3khswYTjwg", "content": "", "creation_timestamp": "2021-10-06T16:01:08.000000Z"}, {"uuid": "6858190e-e470-47db-84c6-0d764577c331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "published-proof-of-concept", "source": "https://t.me/hackingshadow/2758", "content": "#TheShadowArmy\n\n#exploit\nCVE-2022-42823:\n1. Apple Safari JavaScriptCore Inspector Type Confusion\nhttps://ssd-disclosure.com/apple-safari-javascriptcore-inspector-type-confusion\n\n2. CVE-2021-22015:\nVMware vCenter vScalation Privilege Escalation\nhttps://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html\n\n_-_-_-_-_-_- \u269cJOIN NOW \u269c -_-_-_-_-_-_\n \u274d\u274d\u274d \u2756 @HackingShadow \u2756 \u274d\u274d\u274d", "creation_timestamp": "2022-12-19T04:09:21.000000Z"}, {"uuid": "5e21f439-3533-40f3-9ca2-2dcb6c3f0aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1859", "content": "#exploit\nCVE-2022-42823:\n1. Apple Safari JavaScriptCore Inspector Type Confusion\nhttps://ssd-disclosure.com/apple-safari-javascriptcore-inspector-type-confusion\n\n2. CVE-2021-22015:\nVMware vCenter vScalation Privilege Escalation\nhttps://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html", "creation_timestamp": "2022-12-19T04:09:20.000000Z"}, {"uuid": "7e190aaf-394f-4f88-8572-3ae2161fd6a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22010", "type": "seen", "source": "https://t.me/cibsecurity/29286", "content": "\u203c CVE-2021-22010 \u203c\n\nThe vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:50.000000Z"}, {"uuid": "741d979d-8454-4e48-9082-52144801caeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22013", "type": "seen", "source": "https://t.me/cibsecurity/29285", "content": "\u203c CVE-2021-22013 \u203c\n\nThe vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:49.000000Z"}, {"uuid": "d98d2d41-8e46-47eb-bc1a-ea2bea9e25cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22017", "type": "seen", "source": "https://t.me/cibsecurity/29284", "content": "\u203c CVE-2021-22017 \u203c\n\nRhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:48.000000Z"}, {"uuid": "9a84428e-1f4a-4524-a54a-c32065768131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22019", "type": "seen", "source": "https://t.me/cibsecurity/29280", "content": "\u203c CVE-2021-22019 \u203c\n\nThe vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:43.000000Z"}, {"uuid": "7eb1e637-8473-4267-a2f0-5a3aded62de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22012", "type": "seen", "source": "https://t.me/cibsecurity/29295", "content": "\u203c CVE-2021-22012 \u203c\n\nThe vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:30:02.000000Z"}, {"uuid": "be6d1e77-63fc-4263-9b2e-fd5e6383cb14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22014", "type": "seen", "source": "https://t.me/cibsecurity/29288", "content": "\u203c CVE-2021-22014 \u203c\n\nThe vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:53.000000Z"}, {"uuid": "cbbf97f1-240e-408e-a06a-77b6e41aa50e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22016", "type": "seen", "source": "https://t.me/cibsecurity/29283", "content": "\u203c CVE-2021-22016 \u203c\n\nThe vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:47.000000Z"}, {"uuid": "e9616b4f-2589-4fbb-ab05-b613c5c43874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "seen", "source": "https://t.me/cibsecurity/29287", "content": "\u203c CVE-2021-22015 \u203c\n\nThe vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:51.000000Z"}, {"uuid": "8395569b-ebd1-4297-b273-b003fd0f7c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22015", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7387", "content": "#exploit\nCVE-2022-42823:\n1. Apple Safari JavaScriptCore Inspector Type Confusion\nhttps://ssd-disclosure.com/apple-safari-javascriptcore-inspector-type-confusion\n\n2. CVE-2021-22015:\nVMware vCenter vScalation Privilege Escalation\nhttps://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html", "creation_timestamp": "2022-12-19T11:00:22.000000Z"}]}