Vulnerability-Lookup

CVE-2021-21972 (GCVE-0-2021-21972)

Vulnerability from cvelistv5 – Published: 2021-02-24 16:42 – Updated: 2025-10-21 23:25

CISA KEV

Summary

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Remote code execution vulnerability

Assigner

vmware

References

URL

Tags

	https://www.vmware.com/security/advisories/VMSA-2…	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/161590/VMwar…	x_refsource_MISC
	http://packetstormsecurity.com/files/161695/VMwar…	x_refsource_MISC
	http://packetstormsecurity.com/files/163268/VMwar…	x_refsource_MISC

Impacted products

Vendor

Product

Version

n/a

VMware vCenter Server

Affected: 7.x before 7.0 U1c
Affected: 6.7 before 6.7 U3l
Affected: 6.5 before 6.5 U3n

n/a

VMware Cloud Foundation

Affected: 4.x before 4.2
Affected: 3.x before 3.10.1.2

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 6dfe25d0-1f9e-4a1a-922c-d3d2eeaee3b1

Vulnerability ID: CVE-2021-21972

Status: Confirmed

Status Updated: 2021-11-03 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-03

Asserted: 2021-11-03

Scope

Notes: KEV entry: VMware vCenter Server Remote Code Execution Vulnerability | Affected: VMware / vCenter Server | Description: VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system. | Required action: Apply updates per vendor instructions. | Due date: 2021-11-17 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2021-21972

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-23
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	vCenter Server
Due Date	2021-11-17
Date Added	2021-11-03
Vendorproject	VMware
Vulnerabilityname	VMware vCenter Server Remote Code Execution Vulnerability
Knownransomwarecampaignuse	Known

References

CVE-2021-21972

Created: 2026-02-02 12:29 UTC | Updated: 2026-02-02 12:29 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:30:23.615Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-21972",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T15:37:18.620381Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:25:54.005Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2021-21972 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMware vCenter Server",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "7.x before 7.0 U1c"
            },
            {
              "status": "affected",
              "version": "6.7 before 6.7 U3l"
            },
            {
              "status": "affected",
              "version": "6.5 before 6.5 U3n"
            }
          ]
        },
        {
          "product": "VMware Cloud Foundation",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "4.x before 4.2"
            },
            {
              "status": "affected",
              "version": "3.x before 3.10.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote code execution vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-24T19:06:12.000Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "ID": "CVE-2021-21972",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMware vCenter Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.x before 7.0 U1c"
                          },
                          {
                            "version_value": "6.7 before 6.7 U3l"
                          },
                          {
                            "version_value": "6.5 before 6.5 U3n"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "VMware Cloud Foundation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.x before 4.2"
                          },
                          {
                            "version_value": "3.x before 3.10.1.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote code execution vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2021-21972",
    "datePublished": "2021-02-24T16:42:05.000Z",
    "dateReserved": "2021-01-04T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:25:54.005Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-21972",
      "cwes": "[\"CWE-23\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2021-11-17",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-21972",
      "product": "vCenter Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.",
      "vendorProject": "VMware",
      "vulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2021-11-17",
      "cisaExploitAdd": "2021-11-03",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0\", \"versionEndExcluding\": \"3.10.1.2\", \"matchCriteriaId\": \"1995769A-1AB9-47FA-966A-8E82D414161E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0\", \"versionEndExcluding\": \"4.2\", \"matchCriteriaId\": \"A608D809-6E65-4228-9207-CB470529C542\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DD16169-A7DF-4604-888C-156A60018E32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*\", \"matchCriteriaId\": \"46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*\", \"matchCriteriaId\": \"D26534EB-327B-4ED6-A3E1-005552CB1F9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*\", \"matchCriteriaId\": \"786CDD50-7E18-4437-8DB9-2D0ADECD436E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2CE8DAE-0E78-4004-983D-1ECD8855EC33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*\", \"matchCriteriaId\": \"F72A1E9C-F960-4E8C-A46C-B38209E6349E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C33CE46-F529-4EA9-9344-6ED3BFA7019D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F1D8161-0E02-45C9-BF61-14799AB65E03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F2CB1FF-6118-4875-945D-07BAA3A21FFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDDC6510-3116-4578-80C8-8EF044A8370A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*\", \"matchCriteriaId\": \"8678DB48-CB98-4E4C-ADE6-CABA73265FEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBD9A341-1FBF-4E04-848B-550DEB27261A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"4955663C-1BB6-4F3E-9D4B-362DF144B7F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE0F8453-3D6C-4F1C-9167-3F02E3D905DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EAD4045-A7F9-464F-ABB9-3782941162CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F0A79C2-33AE-40C5-A853-770A4C691F29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E456F84C-A86E-4EA9-9A3E-BEEA662136E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"5241C282-A02B-44B2-B6CA-BA3A99F9737C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*\", \"matchCriteriaId\": \"04A60AC7-C2EA-4DBF-9743-54D708584AFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A91B0C4-F184-459E-AFD3-DE0E351CC964\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"23253631-2655-48A8-9B00-CB984232329C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*\", \"matchCriteriaId\": \"50C2A9A8-0E66-4702-BCD4-74622108E7A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE4D3E2A-C32D-408F-B811-EF8BC86F0D34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*\", \"matchCriteriaId\": \"31CA7802-D78D-4BAD-A45A-68B601C010C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B98981B-4721-4752-BAB4-361DB5AEB86F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"04487105-980A-4943-9360-4442BF0411E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*\", \"matchCriteriaId\": \"24D24E06-EB3F-4F11-849B-E66757B01466\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AF12716-88E2-44B5-ACD7-BCBECA130FB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*\", \"matchCriteriaId\": \"3352212C-E820-47B3-BDF5-57018F5B9E81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*\", \"matchCriteriaId\": \"6436ADFD-6B94-4D2A-B09B-CED4EC6CA276\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*\", \"matchCriteriaId\": \"D06832CE-F946-469D-B495-6735F18D02A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FA81CCD-A05E-498C-820E-21980E92132F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EE83406-A3D9-4F75-A1A6-63831CEBEEC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB563627-C9CF-4D8A-B882-9AB65EAE9E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCA03B2A-48B2-48AD-B8EB-9D7BB2016819\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2392D0F-D7A2-4E01-9212-1BA6C895AEBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D731C1A-9FE5-461C-97E2-6F45E4CBABE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*\", \"matchCriteriaId\": \"8725E544-2A94-4829-A683-1ECCE57A74A6\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).\"}, {\"lang\": \"es\", \"value\": \"El VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\\u00f3n de c\\u00f3digo remota en un plugin de vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios no restringidos en el sistema operativo subyacente que aloja vCenter Server.\u0026#xa0;Esto afecta a VMware vCenter Server (versiones 7.x anteriores a 7.0 U1c, versiones 6.7 anteriores a 6.7 U3l y versiones 6.5 anteriores a 6.5 U3n) y VMware Cloud Foundation (versiones 4.x anteriores a 4.2 y versiones 3.x anteriores a 3.10.1.2)\"}]",
      "id": "CVE-2021-21972",
      "lastModified": "2024-11-21T05:49:20.893",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-02-24T17:15:15.833",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-21972\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2021-02-24T17:15:15.833\",\"lastModified\":\"2025-10-30T20:06:27.130\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).\"},{\"lang\":\"es\",\"value\":\"El VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en un plugin de vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios no restringidos en el sistema operativo subyacente que aloja vCenter Server.\u0026#xa0;Esto afecta a VMware vCenter Server (versiones 7.x anteriores a 7.0 U1c, versiones 6.7 anteriores a 6.7 U3l y versiones 6.5 anteriores a 6.5 U3n) y VMware Cloud Foundation (versiones 4.x anteriores a 4.2 y versiones 3.x anteriores a 3.10.1.2)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2021-11-17\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"VMware vCenter Server Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndExcluding\":\"3.10.1.2\",\"matchCriteriaId\":\"1995769A-1AB9-47FA-966A-8E82D414161E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.2\",\"matchCriteriaId\":\"A608D809-6E65-4228-9207-CB470529C542\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DD16169-A7DF-4604-888C-156A60018E32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*\",\"matchCriteriaId\":\"46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26534EB-327B-4ED6-A3E1-005552CB1F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*\",\"matchCriteriaId\":\"786CDD50-7E18-4437-8DB9-2D0ADECD436E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2CE8DAE-0E78-4004-983D-1ECD8855EC33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*\",\"matchCriteriaId\":\"F72A1E9C-F960-4E8C-A46C-B38209E6349E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C33CE46-F529-4EA9-9344-6ED3BFA7019D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F1D8161-0E02-45C9-BF61-14799AB65E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F2CB1FF-6118-4875-945D-07BAA3A21FFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDDC6510-3116-4578-80C8-8EF044A8370A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*\",\"matchCriteriaId\":\"8678DB48-CB98-4E4C-ADE6-CABA73265FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBD9A341-1FBF-4E04-848B-550DEB27261A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4955663C-1BB6-4F3E-9D4B-362DF144B7F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE0F8453-3D6C-4F1C-9167-3F02E3D905DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAD4045-A7F9-464F-ABB9-3782941162CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0A79C2-33AE-40C5-A853-770A4C691F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E456F84C-A86E-4EA9-9A3E-BEEA662136E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"5241C282-A02B-44B2-B6CA-BA3A99F9737C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A60AC7-C2EA-4DBF-9743-54D708584AFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A91B0C4-F184-459E-AFD3-DE0E351CC964\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"23253631-2655-48A8-9B00-CB984232329C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"50C2A9A8-0E66-4702-BCD4-74622108E7A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE4D3E2A-C32D-408F-B811-EF8BC86F0D34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*\",\"matchCriteriaId\":\"31CA7802-D78D-4BAD-A45A-68B601C010C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B98981B-4721-4752-BAB4-361DB5AEB86F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"04487105-980A-4943-9360-4442BF0411E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*\",\"matchCriteriaId\":\"24D24E06-EB3F-4F11-849B-E66757B01466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AF12716-88E2-44B5-ACD7-BCBECA130FB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*\",\"matchCriteriaId\":\"3352212C-E820-47B3-BDF5-57018F5B9E81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*\",\"matchCriteriaId\":\"6436ADFD-6B94-4D2A-B09B-CED4EC6CA276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*\",\"matchCriteriaId\":\"D06832CE-F946-469D-B495-6735F18D02A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA81CCD-A05E-498C-820E-21980E92132F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EE83406-A3D9-4F75-A1A6-63831CEBEEC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB563627-C9CF-4D8A-B882-9AB65EAE9E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCA03B2A-48B2-48AD-B8EB-9D7BB2016819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2392D0F-D7A2-4E01-9212-1BA6C895AEBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D731C1A-9FE5-461C-97E2-6F45E4CBABE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*\",\"matchCriteriaId\":\"8725E544-2A94-4829-A683-1ECCE57A74A6\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"VMware vCenter Server\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.x before 7.0 U1c\"}, {\"status\": \"affected\", \"version\": \"6.7 before 6.7 U3l\"}, {\"status\": \"affected\", \"version\": \"6.5 before 6.5 U3n\"}]}, {\"product\": \"VMware Cloud Foundation\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.x before 4.2\"}, {\"status\": \"affected\", \"version\": \"3.x before 3.10.1.2\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"Remote code execution vulnerability\", \"lang\": \"en\", \"type\": \"text\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2021-06-24T19:06:12.000Z\", \"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\"}, \"references\": [{\"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\"}], \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"security@vmware.com\", \"ID\": \"CVE-2021-21972\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"VMware vCenter Server\", \"version\": {\"version_data\": [{\"version_value\": \"7.x before 7.0 U1c\"}, {\"version_value\": \"6.7 before 6.7 U3l\"}, {\"version_value\": \"6.5 before 6.5 U3n\"}]}}, {\"product_name\": \"VMware Cloud Foundation\", \"version\": {\"version_data\": [{\"version_value\": \"4.x before 4.2\"}, {\"version_value\": \"3.x before 3.10.1.2\"}]}}]}, \"vendor_name\": \"n/a\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote code execution vulnerability\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\", \"refsource\": \"CONFIRM\", \"url\": \"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\"}, {\"name\": \"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\", \"refsource\": \"MISC\", \"url\": \"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\"}, {\"name\": \"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\", \"refsource\": \"MISC\", \"url\": \"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\"}, {\"name\": \"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\", \"refsource\": \"MISC\", \"url\": \"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\"}]}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T18:30:23.615Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://www.vmware.com/security/advisories/VMSA-2021-0002.html\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html\"}]}, {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-21972\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T15:37:18.620381Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T15:37:51.601Z\"}, \"timeline\": [{\"time\": \"2021-11-03T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2021-21972 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"assignerShortName\": \"vmware\", \"cveId\": \"CVE-2021-21972\", \"datePublished\": \"2021-02-24T16:42:05.000Z\", \"dateReserved\": \"2021-01-04T00:00:00.000Z\", \"dateUpdated\": \"2025-10-21T23:25:54.005Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2021-AVI-145

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits VMWare. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	Cloud Foundation (ESXi) versions antérieures à 4.2
VMware	N/A	Cloud Foundation (vCenter Server) versions antérieures à 4.2
VMware	vCenter Server	vCenter Server versions antérieures à 6.7 U3l
VMware	ESXi	ESXi versions antérieures à ESXi670-202102401-SG
VMware	ESXi	ESXi versions antérieures à ESXi70U1c-17325551
VMware	N/A	Cloud Foundation (ESXi) versions antérieures à 3.10.1.2 ou sans le correctif de sécurité KB82705
VMware	vCenter Server	vCenter Server versions antérieures à 6.5 U3n
VMware	vCenter Server	vCenter Server versions antérieures à 7.0 U1c
VMware	ESXi	ESXi versions antérieures à ESXi650-202102101-SG
VMware	N/A	Cloud Foundation (vCenter Server) versions antérieures à 3.10.1.2

References

Title

Publication Time

Tags

Bulletin de sécurité VMWare VMSA-2021-0002 du 23 février 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cloud Foundation (ESXi) versions ant\u00e9rieures \u00e0 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (vCenter Server) versions ant\u00e9rieures \u00e0 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions ant\u00e9rieures \u00e0 6.7 U3l",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions ant\u00e9rieures \u00e0 ESXi670-202102401-SG",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions ant\u00e9rieures \u00e0 ESXi70U1c-17325551",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (ESXi) versions ant\u00e9rieures \u00e0 3.10.1.2 ou sans le correctif de s\u00e9curit\u00e9 KB82705",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions ant\u00e9rieures \u00e0 6.5 U3n",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions ant\u00e9rieures \u00e0 7.0 U1c",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions ant\u00e9rieures \u00e0 ESXi650-202102101-SG",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (vCenter Server) versions ant\u00e9rieures \u00e0 3.10.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21973"
    },
    {
      "name": "CVE-2021-21972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21972"
    },
    {
      "name": "CVE-2021-21974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21974"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-145",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-02-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nVMWare. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMWare",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2021-0002 du 23 f\u00e9vrier 2021",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    }
  ]
}

CERTFR-2021-AVI-145

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits VMWare. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	Cloud Foundation (ESXi) versions antérieures à 4.2
VMware	N/A	Cloud Foundation (vCenter Server) versions antérieures à 4.2
VMware	vCenter Server	vCenter Server versions antérieures à 6.7 U3l
VMware	ESXi	ESXi versions antérieures à ESXi670-202102401-SG
VMware	ESXi	ESXi versions antérieures à ESXi70U1c-17325551
VMware	N/A	Cloud Foundation (ESXi) versions antérieures à 3.10.1.2 ou sans le correctif de sécurité KB82705
VMware	vCenter Server	vCenter Server versions antérieures à 6.5 U3n
VMware	vCenter Server	vCenter Server versions antérieures à 7.0 U1c
VMware	ESXi	ESXi versions antérieures à ESXi650-202102101-SG
VMware	N/A	Cloud Foundation (vCenter Server) versions antérieures à 3.10.1.2

References

Title

Publication Time

Tags

Bulletin de sécurité VMWare VMSA-2021-0002 du 23 février 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cloud Foundation (ESXi) versions ant\u00e9rieures \u00e0 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (vCenter Server) versions ant\u00e9rieures \u00e0 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions ant\u00e9rieures \u00e0 6.7 U3l",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions ant\u00e9rieures \u00e0 ESXi670-202102401-SG",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions ant\u00e9rieures \u00e0 ESXi70U1c-17325551",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (ESXi) versions ant\u00e9rieures \u00e0 3.10.1.2 ou sans le correctif de s\u00e9curit\u00e9 KB82705",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions ant\u00e9rieures \u00e0 6.5 U3n",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions ant\u00e9rieures \u00e0 7.0 U1c",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions ant\u00e9rieures \u00e0 ESXi650-202102101-SG",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (vCenter Server) versions ant\u00e9rieures \u00e0 3.10.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21973"
    },
    {
      "name": "CVE-2021-21972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21972"
    },
    {
      "name": "CVE-2021-21974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21974"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-145",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-02-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nVMWare. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMWare",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2021-0002 du 23 f\u00e9vrier 2021",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    }
  ]
}

CERTFR-2021-ALE-003

Vulnerability from certfr_alerte - Published: - Updated:

[version du 26 février 2021]

Le CERT-FR a connaissance d'attaques en cours ciblant des serveurs vCenter exposés sur Internet. Il est urgent de procéder soit à l'application du contournement pour désactiver le greffon vulnérable soit de déployer les versions corrigeant la vulnérabilité.

[version initiale]

Le 23 février 2021, VMware a publié un avis de sécurité concernant trois vulnérabilités (cf. section documentation). La vulnérabilité CVE-2021-21972 est la plus critique. Elle permet une exécution de code arbitraire à distance par un attaquant non authentifié.

Cette vulnérabilité affecte un greffon de vCenter Server permettant la communication entre vCenter Server et la solution VMware vRealize Operations (vROPs). Ce greffon vulnérable est présent dans toutes les installations par défaut de vCenter. VMware précise que l'exploitation de la vulnérabilité est possible même si la solution vRealize Operations n'est pas utilisée.

Des preuves de concept sont disponibles publiquement et le CERT-FR a connaissance de campagnes de détection de la vulnérabilité CVE-2021-21972, il est donc urgent d'appliquer le correctif de sécurité.

De plus, le CERT-FR a constaté la présence d'instances de vCenter directement accessibles sur internet. Ceci est contraire aux bonnes pratiques.

Pour rappel, ce type de services ne doit jamais être exposé sur internet. Lorsque cela se révèle absolument nécessaire, il est fortement recommandé de recourir à des solutions d'accès sécurisés à distance.

Ainsi, de manière générale, que ce soit sur le réseau interne ou à distance, des bonnes pratiques d'hygiène informatique et de sécurité en profondeur doivent être appliquées, comme recommandé dans les guides suivants :

Contournement provisoire

Le CERT-FR recommande l'application du correctif de sécurité. Toutefois, dans les cas où cela n'est pas possible, VMware a publié des mesures de contournement provisoires:

https://kb.vmware.com/s/article/82374

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La mise à jour d'un produit ou d'un logiciel est une opération délicate qui doit être menée avec prudence. Il est notamment recommander d'effectuer des tests autant que possible. Des dispositions doivent également être prises pour garantir la continuité de service en cas de difficultés lors de l'application des mises à jour comme des correctifs ou des changements de version.

Impacted products

Vendor	Product	Description
VMware	vCenter Server	Cloud Foundation (vCenter Server) versions 4.x antérieures à 4.2
VMware	vCenter Server	vCenter Server versions 6.5 antérieures à 6.5 U3n
VMware	vCenter Server	Cloud Foundation (vCenter Server) versions 3.x antérieures à 3.10.1.2
VMware	vCenter Server	vCenter Server versions 7.0 antérieures à 7.0 U1c
VMware	vCenter Server	vCenter Server versions 6.7 antérieures à 6.7 U3l

References

Title

Publication Time

Tags

Avis de sécurité CERT-FR CERTFR-2021-AVI-145 du 24 février 2021	2021-02-24	vendor-advisory
Bulletin de sécurité VMware VMSA-2021-0002	2021-02-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cloud Foundation (vCenter Server) versions 4.x ant\u00e9rieures \u00e0 4.2",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 6.5 ant\u00e9rieures \u00e0 6.5 U3n",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (vCenter Server) versions 3.x ant\u00e9rieures \u00e0 3.10.1.2",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 7.0 ant\u00e9rieures \u00e0 7.0 U1c",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 6.7 ant\u00e9rieures \u00e0 6.7 U3l",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "closed_at": "2021-05-12",
  "content": "## Contournement provisoire\n\nLe CERT-FR recommande l\u0027application du correctif de s\u00e9curit\u00e9. Toutefois,\ndans les cas o\u00f9 cela n\u0027est pas possible, VMware a publi\u00e9 des mesures de\ncontournement provisoires:\n\n-   \u003chttps://kb.vmware.com/s/article/82374\u003e\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n------------------------------------------------------------------------\n\nLa mise \u00e0 jour d\u0027un produit ou d\u0027un logiciel est une op\u00e9ration d\u00e9licate\nqui doit \u00eatre men\u00e9e avec prudence. Il est notamment recommander\nd\u0027effectuer des tests autant que possible. Des dispositions doivent\n\u00e9galement \u00eatre prises pour garantir la continuit\u00e9 de service en cas de\ndifficult\u00e9s lors de l\u0027application des mises \u00e0 jour comme des correctifs\nou des changements de version.\n",
  "cves": [
    {
      "name": "CVE-2021-21972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21972"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-ALE-003",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-02-25T00:00:00.000000"
    },
    {
      "description": "Mise \u00e0 jour suite \u00e0 la d\u00e9couverte d\u0027attaques en cours",
      "revision_date": "2021-02-26T00:00:00.000000"
    },
    {
      "description": "clarification des versions affect\u00e9es",
      "revision_date": "2021-03-01T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2021-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[version du 26 f\u00e9vrier 2021\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance d\u0027\u003cstrong\u003eattaques en cours\u003c/strong\u003e ciblant des serveurs\nvCenter expos\u00e9s sur Internet. \u003cstrong\u003eIl est urgent\u003c/strong\u003e de proc\u00e9der soit \u00e0\nl\u0027application du contournement pour d\u00e9sactiver le greffon vuln\u00e9rable\nsoit de d\u00e9ployer les versions corrigeant la vuln\u00e9rabilit\u00e9.\n\n\u003cstrong\u003e\\[version initiale\\]\u003c/strong\u003e\n\nLe 23 f\u00e9vrier 2021, VMware a publi\u00e9 un avis de s\u00e9curit\u00e9 concernant trois\nvuln\u00e9rabilit\u00e9s (cf. section documentation). La\nvuln\u00e9rabilit\u00e9\u00a0CVE-2021-21972 est la plus critique. Elle permet une\nex\u00e9cution de code arbitraire \u00e0 distance par un attaquant non\nauthentifi\u00e9.\n\nCette vuln\u00e9rabilit\u00e9 affecte un greffon de vCenter Server permettant la\ncommunication entre vCenter Server et la solution\nVMware\u00a0vRealize\u00a0Operations (vROPs). Ce greffon vuln\u00e9rable est pr\u00e9sent\ndans toutes les installations par d\u00e9faut de\u00a0vCenter. VMware pr\u00e9cise que\nl\u0027exploitation de la vuln\u00e9rabilit\u00e9 est possible m\u00eame si la solution\nvRealize Operations n\u0027est pas utilis\u00e9e.\n\nDes preuves de concept sont disponibles publiquement et le CERT-FR a\nconnaissance\u00a0de campagnes de d\u00e9tection de la\nvuln\u00e9rabilit\u00e9\u00a0CVE-2021-21972, il est donc urgent d\u0027appliquer le\ncorrectif de s\u00e9curit\u00e9.\n\nDe plus, le CERT-FR a constat\u00e9 la pr\u00e9sence d\u0027instances de vCenter\ndirectement accessibles sur internet. Ceci est contraire aux bonnes\npratiques.\n\nPour rappel, ce type de services ne doit jamais \u00eatre expos\u00e9 sur\ninternet. Lorsque cela se r\u00e9v\u00e8le absolument n\u00e9cessaire, il est fortement\nrecommand\u00e9 de recourir \u00e0 des solutions d\u0027acc\u00e8s s\u00e9curis\u00e9s \u00e0 distance.\n\nAinsi, de mani\u00e8re g\u00e9n\u00e9rale, que ce soit sur le r\u00e9seau interne ou \u00e0\ndistance, des bonnes pratiques d\u0027hygi\u00e8ne informatique et de s\u00e9curit\u00e9 en\nprofondeur doivent \u00eatre appliqu\u00e9es, comme recommand\u00e9 dans les guides\nsuivants :\n\n-   \u003chttps://www.ssi.gouv.fr/guide/recommandations-sur-le-nomadisme-numerique/\u003e\n-   \u003chttps://www.ssi.gouv.fr/administration/guide/securiser-ladministration-des-systemes-dinformation/\u003e\n-   \u003chttps://www.ssi.gouv.fr/uploads/2020/06/anssi-guide-passerelle_internet_securisee-v3.pdf\u003e\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans VMware vCenter Server",
  "vendor_advisories": [
    {
      "published_at": "2021-02-24",
      "title": "Avis de s\u00e9curit\u00e9 CERT-FR CERTFR-2021-AVI-145 du 24 f\u00e9vrier 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-145/"
    },
    {
      "published_at": "2021-02-12",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2021-0002",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    }
  ]
}

CERTFR-2021-ALE-003

Vulnerability from certfr_alerte - Published: - Updated:

[version du 26 février 2021]

[version initiale]

De plus, le CERT-FR a constaté la présence d'instances de vCenter directement accessibles sur internet. Ceci est contraire aux bonnes pratiques.

Contournement provisoire

Le CERT-FR recommande l'application du correctif de sécurité. Toutefois, dans les cas où cela n'est pas possible, VMware a publié des mesures de contournement provisoires:

https://kb.vmware.com/s/article/82374

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	vCenter Server	Cloud Foundation (vCenter Server) versions 4.x antérieures à 4.2
VMware	vCenter Server	vCenter Server versions 6.5 antérieures à 6.5 U3n
VMware	vCenter Server	Cloud Foundation (vCenter Server) versions 3.x antérieures à 3.10.1.2
VMware	vCenter Server	vCenter Server versions 7.0 antérieures à 7.0 U1c
VMware	vCenter Server	vCenter Server versions 6.7 antérieures à 6.7 U3l

References

Title

Publication Time

Tags

Avis de sécurité CERT-FR CERTFR-2021-AVI-145 du 24 février 2021	2021-02-24	vendor-advisory
Bulletin de sécurité VMware VMSA-2021-0002	2021-02-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cloud Foundation (vCenter Server) versions 4.x ant\u00e9rieures \u00e0 4.2",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 6.5 ant\u00e9rieures \u00e0 6.5 U3n",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation (vCenter Server) versions 3.x ant\u00e9rieures \u00e0 3.10.1.2",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 7.0 ant\u00e9rieures \u00e0 7.0 U1c",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 6.7 ant\u00e9rieures \u00e0 6.7 U3l",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "closed_at": "2021-05-12",
  "content": "## Contournement provisoire\n\nLe CERT-FR recommande l\u0027application du correctif de s\u00e9curit\u00e9. Toutefois,\ndans les cas o\u00f9 cela n\u0027est pas possible, VMware a publi\u00e9 des mesures de\ncontournement provisoires:\n\n-   \u003chttps://kb.vmware.com/s/article/82374\u003e\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n------------------------------------------------------------------------\n\nLa mise \u00e0 jour d\u0027un produit ou d\u0027un logiciel est une op\u00e9ration d\u00e9licate\nqui doit \u00eatre men\u00e9e avec prudence. Il est notamment recommander\nd\u0027effectuer des tests autant que possible. Des dispositions doivent\n\u00e9galement \u00eatre prises pour garantir la continuit\u00e9 de service en cas de\ndifficult\u00e9s lors de l\u0027application des mises \u00e0 jour comme des correctifs\nou des changements de version.\n",
  "cves": [
    {
      "name": "CVE-2021-21972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21972"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-ALE-003",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-02-25T00:00:00.000000"
    },
    {
      "description": "Mise \u00e0 jour suite \u00e0 la d\u00e9couverte d\u0027attaques en cours",
      "revision_date": "2021-02-26T00:00:00.000000"
    },
    {
      "description": "clarification des versions affect\u00e9es",
      "revision_date": "2021-03-01T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2021-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[version du 26 f\u00e9vrier 2021\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance d\u0027\u003cstrong\u003eattaques en cours\u003c/strong\u003e ciblant des serveurs\nvCenter expos\u00e9s sur Internet. \u003cstrong\u003eIl est urgent\u003c/strong\u003e de proc\u00e9der soit \u00e0\nl\u0027application du contournement pour d\u00e9sactiver le greffon vuln\u00e9rable\nsoit de d\u00e9ployer les versions corrigeant la vuln\u00e9rabilit\u00e9.\n\n\u003cstrong\u003e\\[version initiale\\]\u003c/strong\u003e\n\nLe 23 f\u00e9vrier 2021, VMware a publi\u00e9 un avis de s\u00e9curit\u00e9 concernant trois\nvuln\u00e9rabilit\u00e9s (cf. section documentation). La\nvuln\u00e9rabilit\u00e9\u00a0CVE-2021-21972 est la plus critique. Elle permet une\nex\u00e9cution de code arbitraire \u00e0 distance par un attaquant non\nauthentifi\u00e9.\n\nCette vuln\u00e9rabilit\u00e9 affecte un greffon de vCenter Server permettant la\ncommunication entre vCenter Server et la solution\nVMware\u00a0vRealize\u00a0Operations (vROPs). Ce greffon vuln\u00e9rable est pr\u00e9sent\ndans toutes les installations par d\u00e9faut de\u00a0vCenter. VMware pr\u00e9cise que\nl\u0027exploitation de la vuln\u00e9rabilit\u00e9 est possible m\u00eame si la solution\nvRealize Operations n\u0027est pas utilis\u00e9e.\n\nDes preuves de concept sont disponibles publiquement et le CERT-FR a\nconnaissance\u00a0de campagnes de d\u00e9tection de la\nvuln\u00e9rabilit\u00e9\u00a0CVE-2021-21972, il est donc urgent d\u0027appliquer le\ncorrectif de s\u00e9curit\u00e9.\n\nDe plus, le CERT-FR a constat\u00e9 la pr\u00e9sence d\u0027instances de vCenter\ndirectement accessibles sur internet. Ceci est contraire aux bonnes\npratiques.\n\nPour rappel, ce type de services ne doit jamais \u00eatre expos\u00e9 sur\ninternet. Lorsque cela se r\u00e9v\u00e8le absolument n\u00e9cessaire, il est fortement\nrecommand\u00e9 de recourir \u00e0 des solutions d\u0027acc\u00e8s s\u00e9curis\u00e9s \u00e0 distance.\n\nAinsi, de mani\u00e8re g\u00e9n\u00e9rale, que ce soit sur le r\u00e9seau interne ou \u00e0\ndistance, des bonnes pratiques d\u0027hygi\u00e8ne informatique et de s\u00e9curit\u00e9 en\nprofondeur doivent \u00eatre appliqu\u00e9es, comme recommand\u00e9 dans les guides\nsuivants :\n\n-   \u003chttps://www.ssi.gouv.fr/guide/recommandations-sur-le-nomadisme-numerique/\u003e\n-   \u003chttps://www.ssi.gouv.fr/administration/guide/securiser-ladministration-des-systemes-dinformation/\u003e\n-   \u003chttps://www.ssi.gouv.fr/uploads/2020/06/anssi-guide-passerelle_internet_securisee-v3.pdf\u003e\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans VMware vCenter Server",
  "vendor_advisories": [
    {
      "published_at": "2021-02-24",
      "title": "Avis de s\u00e9curit\u00e9 CERT-FR CERTFR-2021-AVI-145 du 24 f\u00e9vrier 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-145/"
    },
    {
      "published_at": "2021-02-12",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2021-0002",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    }
  ]
}

CNVD-2021-12322

Vulnerability from cnvd - Published: 2021-02-24

Title

VMware vCenter Server远程代码执行漏洞

Description

VMware vCenterServer 提供了一个可伸缩、可扩展的平台，可集中管理 VMware vSphere 环境，并能实现资源优化分配和插件扩展。 VMware vCenter Server远程代码执行漏洞，攻击者可利用该漏洞向目标443端口发送恶意构造请求，可以在承载vCenter Server的底层操作系统上执行任意代码。

Severity

高

Patch Name

VMware vCenter Server远程代码执行漏洞的补丁

Patch Description

Formal description

目前，VMware官方已发布补丁修复此漏洞，CNVD建议用户立即升级至最新版本： https://www.vmware.com/security/advisories/VMSA-2021-00

Reference

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

Impacted products

Name
['VMWare VMware vCenter Server 6.5', 'VMWare VMware vCenter Server 6.7', 'VMWare VMware vCenter Server 7.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-21972"
    }
  },
  "description": "VMware vCenterServer \u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u4f38\u7f29\u3001\u53ef\u6269\u5c55\u7684\u5e73\u53f0\uff0c\u53ef\u96c6\u4e2d\u7ba1\u7406 VMware vSphere \u73af\u5883\uff0c\u5e76\u80fd\u5b9e\u73b0\u8d44\u6e90\u4f18\u5316\u5206\u914d\u548c\u63d2\u4ef6\u6269\u5c55\u3002\n\nVMware vCenter Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411\u76ee\u6807443\u7aef\u53e3\u53d1\u9001\u6076\u610f\u6784\u9020\u8bf7\u6c42\uff0c\u53ef\u4ee5\u5728\u627f\u8f7dvCenter Server\u7684\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\uff0cVMware\u5b98\u65b9\u5df2\u53d1\u5e03\u8865\u4e01\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0cCNVD\u5efa\u8bae\u7528\u6237\u7acb\u5373\u5347\u7ea7\u81f3\u6700\u65b0\u7248\u672c\uff1a\r\nhttps://www.vmware.com/security/advisories/VMSA-2021-00",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-12322",
  "openTime": "2021-02-24",
  "patchDescription": "VMware vCenterServer \u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u4f38\u7f29\u3001\u53ef\u6269\u5c55\u7684\u5e73\u53f0\uff0c\u53ef\u96c6\u4e2d\u7ba1\u7406 VMware vSphere \u73af\u5883\uff0c\u5e76\u80fd\u5b9e\u73b0\u8d44\u6e90\u4f18\u5316\u5206\u914d\u548c\u63d2\u4ef6\u6269\u5c55\u3002\r\n\r\nVMware vCenter Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411\u76ee\u6807443\u7aef\u53e3\u53d1\u9001\u6076\u610f\u6784\u9020\u8bf7\u6c42\uff0c\u53ef\u4ee5\u5728\u627f\u8f7dvCenter Server\u7684\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "VMware vCenter Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "VMWare VMware vCenter Server 6.5",
      "VMWare VMware vCenter Server 6.7",
      "VMWare VMware vCenter Server 7.0"
    ]
  },
  "referenceLink": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html",
  "serverity": "\u9ad8",
  "submitTime": "2021-02-24",
  "title": "VMware vCenter Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

FKIE_CVE-2021-21972

Vulnerability from fkie_nvd - Published: 2021-02-24 17:15 - Updated: 2025-10-30 20:06

CISA KEV

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@vmware.com	http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html	Exploit, Third Party Advisory, VDB Entry
security@vmware.com	http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@vmware.com	http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@vmware.com	https://www.vmware.com/security/advisories/VMSA-2021-0002.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.vmware.com/security/advisories/VMSA-2021-0002.html	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972	US Government Resource

Impacted products

Vendor	Product	Version
vmware	cloud_foundation	*
vmware	cloud_foundation	*
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0

JSON

To clipboard

{
  "cisaActionDue": "2021-11-17",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
              "versionEndExcluding": "3.10.1.2",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A608D809-6E65-4228-9207-CB470529C542",
              "versionEndExcluding": "4.2",
              "versionStartIncluding": "4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
              "matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
              "matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
              "matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
              "matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
              "matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
              "matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
              "matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
              "matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
              "matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
              "matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
              "matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
              "matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
              "matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
              "matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
              "matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
              "matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
              "matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
              "matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
              "matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
              "matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
              "matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
              "matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
              "matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
              "matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
              "matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
              "matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
              "matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
              "matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
              "matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
              "matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
              "matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
              "matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
              "matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
              "matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
    },
    {
      "lang": "es",
      "value": "El VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en un plugin de vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios no restringidos en el sistema operativo subyacente que aloja vCenter Server.\u0026#xa0;Esto afecta a VMware vCenter Server (versiones 7.x anteriores a 7.0 U1c, versiones 6.7 anteriores a 6.7 U3l y versiones 6.5 anteriores a 6.5 U3n) y VMware Cloud Foundation (versiones 4.x anteriores a 4.2 y versiones 3.x anteriores a 3.10.1.2)"
    }
  ],
  "id": "CVE-2021-21972",
  "lastModified": "2025-10-30T20:06:27.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-02-24T17:15:15.833",
  "references": [
    {
      "source": "security@vmware.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-C9CR-34RR-8GPR

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2025-10-22 00:32

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-21972"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-24T17:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).",
  "id": "GHSA-c9cr-34rr-8gpr",
  "modified": "2025-10-22T00:32:03Z",
  "published": "2022-05-24T17:43:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21972"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2021-21972

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-21972

Aliases

CVE-2021-21972

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-21972",
    "description": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).",
    "id": "GSD-2021-21972",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2021-21972"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-21972"
      ],
      "details": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).",
      "id": "GSD-2021-21972",
      "modified": "2023-12-13T01:23:10.393898Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2021-21972",
      "dateAdded": "2021-11-03",
      "dueDate": "2021-11-17",
      "product": "vCenter Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.",
      "vendorProject": "VMware",
      "vulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@vmware.com",
        "ID": "CVE-2021-21972",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "VMware vCenter Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "7.x before 7.0 U1c"
                        },
                        {
                          "version_value": "6.7 before 6.7 U3l"
                        },
                        {
                          "version_value": "6.5 before 6.5 U3n"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "VMware Cloud Foundation",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "4.x before 4.2"
                        },
                        {
                          "version_value": "3.x before 3.10.1.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote code execution vulnerability"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html",
            "refsource": "CONFIRM",
            "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "cisaActionDue": "2021-11-17",
        "cisaExploitAdd": "2021-11-03",
        "cisaRequiredAction": "Apply updates per vendor instructions.",
        "cisaVulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability",
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
                    "versionEndExcluding": "3.10.1.2",
                    "versionStartIncluding": "3.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A608D809-6E65-4228-9207-CB470529C542",
                    "versionEndExcluding": "4.2",
                    "versionStartIncluding": "4.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
                    "matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
                    "matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
                    "matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
                    "matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
                    "matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
                    "matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
                    "matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
                    "matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
                    "matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
                    "matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
                    "matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
                    "matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
                    "matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
                    "matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
                    "matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
                    "matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
                    "matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
                    "matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
                    "matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
                    "matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
                    "matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
                    "matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
                    "matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
                    "matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
                    "matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
                    "matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
                    "matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
                    "matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
                    "matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
                    "matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
                    "matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
                    "matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
                    "matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
                    "matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
                    "matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
                    "matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
                    "matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
                    "matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
                    "matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
                    "matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
                    "matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
          },
          {
            "lang": "es",
            "value": "El VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en un plugin de vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios no restringidos en el sistema operativo subyacente que aloja vCenter Server.\u0026#xa0;Esto afecta a VMware vCenter Server (versiones 7.x anteriores a 7.0 U1c, versiones 6.7 anteriores a 6.7 U3l y versiones 6.5 anteriores a 6.5 U3n) y VMware Cloud Foundation (versiones 4.x anteriores a 4.2 y versiones 3.x anteriores a 3.10.1.2)"
          }
        ],
        "id": "CVE-2021-21972",
        "lastModified": "2024-02-13T16:44:51.980",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2021-02-24T17:15:15.833",
        "references": [
          {
            "source": "security@vmware.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
          },
          {
            "source": "security@vmware.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
          },
          {
            "source": "security@vmware.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
          },
          {
            "source": "security@vmware.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
          }
        ],
        "sourceIdentifier": "security@vmware.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-22"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-21972 (GCVE-0-2021-21972)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Contournement provisoire

Solution

Contournement provisoire

Solution

Tags

Sightings

Nomenclature