Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-21991

🗓️ 22 Sep 2021 18:59:08Reported by vmwareType 
cve
 cve🔗 web.nvd.nist.gov👁 131 Views

vCenter Server local privilege escalation vulnerability due to handling of session tokens

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in VMware vCenter affect IBM Cloud Pak System
6 May 202221:11
ibm
Circl		CVE-2021-21991
22 Sep 202122:29
circl
CNNVD		VMware vCenter Server 权限许可和访问控制问题漏洞
21 Sep 202100:00
cnnvd
CNVD		Vmware VMware vCenter Server Elevation of Privilege Vulnerability
24 Sep 202100:00
cnvd
Cvelist		CVE-2021-21991
22 Sep 202118:59
cvelist
EUVD		EUVD-2021-9162
3 Oct 202520:07
euvd
NCSC		Vulnerabilities fixed in VMware vCenter Server
22 Sep 202100:00
ncsc
NVD		CVE-2021-21991
22 Sep 202119:15
nvd
OSV		CVE-2021-21991
22 Sep 202119:15
osv
Prion		Privilege escalation
22 Sep 202119:15
prion
Rows per page
NVD
Node
vmwarecloud_foundationRange3.03.10.2.2
OR
vmwarecloud_foundationRange4.04.3
OR
vmwarevcenter_serverMatch6.5-
OR
vmwarevcenter_serverMatch6.5a
OR
vmwarevcenter_serverMatch6.5b
OR
vmwarevcenter_serverMatch6.5c
OR
vmwarevcenter_serverMatch6.5d
OR
vmwarevcenter_serverMatch6.5e
OR
vmwarevcenter_serverMatch6.5f
OR
vmwarevcenter_serverMatch6.5update1
OR
vmwarevcenter_serverMatch6.5update1b
OR
vmwarevcenter_serverMatch6.5update1c
OR
vmwarevcenter_serverMatch6.5update1d
OR
vmwarevcenter_serverMatch6.5update1e
OR
vmwarevcenter_serverMatch6.5update1g
OR
vmwarevcenter_serverMatch6.5update2
OR
vmwarevcenter_serverMatch6.5update2b
OR
vmwarevcenter_serverMatch6.5update2c
OR
vmwarevcenter_serverMatch6.5update2d
OR
vmwarevcenter_serverMatch6.5update2g
OR
vmwarevcenter_serverMatch6.5update3
OR
vmwarevcenter_serverMatch6.5update3d
OR
vmwarevcenter_serverMatch6.5update3f
OR
vmwarevcenter_serverMatch6.5update3k
OR
vmwarevcenter_serverMatch6.5update3n
OR
vmwarevcenter_serverMatch6.5update3p
OR
vmwarevcenter_serverMatch6.7
OR
vmwarevcenter_serverMatch6.7-
OR
vmwarevcenter_serverMatch6.7a
OR
vmwarevcenter_serverMatch6.7b
OR
vmwarevcenter_serverMatch6.7d
OR
vmwarevcenter_serverMatch6.7update1
OR
vmwarevcenter_serverMatch6.7update1b
OR
vmwarevcenter_serverMatch6.7update2
OR
vmwarevcenter_serverMatch6.7update2a
OR
vmwarevcenter_serverMatch6.7update2c
OR
vmwarevcenter_serverMatch6.7update3
OR
vmwarevcenter_serverMatch6.7update3a
OR
vmwarevcenter_serverMatch6.7update3b
OR
vmwarevcenter_serverMatch6.7update3f
OR
vmwarevcenter_serverMatch6.7update3g
OR
vmwarevcenter_serverMatch6.7update3j
OR
vmwarevcenter_serverMatch6.7update3l
OR
vmwarevcenter_serverMatch6.7update3m
OR
vmwarevcenter_serverMatch6.7update3n
OR
vmwarevcenter_serverMatch7.0-
OR
vmwarevcenter_serverMatch7.0a
OR
vmwarevcenter_serverMatch7.0b
OR
vmwarevcenter_serverMatch7.0c
OR
vmwarevcenter_serverMatch7.0d
OR
vmwarevcenter_serverMatch7.0update1
OR
vmwarevcenter_serverMatch7.0update1a
OR
vmwarevcenter_serverMatch7.0update1c
OR
vmwarevcenter_serverMatch7.0update1d
OR
vmwarevcenter_serverMatch7.0update2
OR
vmwarevcenter_serverMatch7.0update2a
OR
vmwarevcenter_serverMatch7.0update2b
[
  {
    "product": "VMware vCenter Server, VMware Cloud Foundation",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 05:49Current
8.3High risk
Vulners AI Score8.3
CVSS 24.6
CVSS 3.17.8
EPSS0.00195
cve-2021-21991vcenter serverprivilege escalationsession tokensnvd
131