5 matches found
VMware vCenter Server SSRF (CVE-2021-21973) (Direct Check)
Binary data vmwarevcentercve-2021-21973.nbin...
CVE-2021-21973
creationtimestamp| type| source ---|---|--- 2021-02-25 05:56:04+00:00| published-proof-of-concept| https://t.me/infobes/286 2021-02-25 09:32:59+00:00| seen| MISP/f5a2b241-a2c4-45f6-91ae-cb88bf44dfbf 2021-03-01 11:00:27+00:00| seen| https://t.me/CyberSecurityTechnologies/2807 2021-03-07...
VMware vCenter Server 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2021-0002)
The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5 U3n, 6.7 prior to 6.7 U3l or 7.0 prior to 7.0 U1c. It is, therefore, affected by multiple vulnerabilities, as follows: - The vSphere Client HTML5 contains a remote code execution vulnerability in a vCenter Serve...
CVE-2021-21973
CVE-2021-21973 is a VMware vSphere Client (HTML5) SSRF vulnerability in which URL validation for a vCenter Server plugin is improper, allowing an attacker with network access to port 443 to trigger information disclosure via a crafted POST to the vulnerable endpoint. Affected products/versions in...
Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now
VMware has addressed multiple critical remote code execution RCE vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. "A malicious actor with network access to port...