2 matches found
CVE-2021-22008
The vCenter Server contains an information disclosure vulnerability in VAPI vCenter API service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information...
CVE-2021-22008
CVE-2021-22008 is an information-disclosure flaw in VMware vCenter Server’s VAPI service. With network access to port 443, an attacker can send a crafted json-rpc message to access sensitive data. Public references (NVD/Red Hat/CNVD) describe the vulnerability similarly and cite VMware’s VMSA-202...