The vulnerability of the management tool for virtual infrastructure, VMware vCenter Server, and the virtualization platform, VMware Cloud Foundation, arises from the lack of protective measures for the website structure. This allows attackers to redirect users to malicious web pages.

🗓️ 08 Oct 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

Vulnerability in VMware vCenter Server and VMware Cloud Foundation due to weak website structure protection.

Reporter	Title	Published	Views	Family All 16
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in VMware vCenter affect IBM Cloud Pak System	6 May 202221:11	–	ibm
Circl	CVE-2021-22016	23 Sep 202116:29	–	circl
CNNVD	Vmware VMware vCenter Server 跨站脚本漏洞	21 Sep 202100:00	–	cnnvd
CNVD	VMware vCenter Server Cross-Site Scripting Vulnerability (CNVD-2021-74276)	24 Sep 202100:00	–	cnvd
CVE	CVE-2021-22016	23 Sep 202112:12	–	cve
Cvelist	CVE-2021-22016	23 Sep 202112:12	–	cvelist
EUVD	EUVD-2021-9185	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in VMware vCenter Server	22 Sep 202100:00	–	ncsc
NVD	CVE-2021-22016	23 Sep 202113:15	–	nvd
OSV	CVE-2021-22016	23 Sep 202113:15	–	osv

Vulners

Node

broadcom vmware_cloudRange3.0–3.10.2.2

Source	Link
vmware	www.vmware.com/security/advisories/VMSA-2021-0020.html
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2021092118
web	www.web.nvd.nist.gov/view/vuln/detail

08 Oct 2021 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 24.3

CVSS 36.1

EPSS0.0087

website structure malicious redirects cloud foundation vcenter server