5 matches found
CVE-2021-22017
creationtimestamp| type| source ---|---|--- 2021-09-23 16:29:48+00:00| seen| https://t.me/cibsecurity/29284 2023-06-14 21:10:04+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-05 02:09:02+00:00| seen| https://t.me/arpsyndicate/1364 2024-12-24 20:25:55+00:00| seen|...
CVE-2021-22017
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed...
CVE-2021-22017
Summary of CVE-2021-22017 : VMware vCenter Server’s rhttp proxy (rhttproxy) has an improper URI normalization implementation that can be exploited by a remote attacker with network access to port 443 to bypass proxy restrictions and access internal endpoints. The vulnerability affects vCenter Ser...
VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020)
The version of VMware vCenter Server installed on the remote host is 6.7 prior to 6.7 U3o. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in vCenter Server due to the way it handles session tokens. An authenticated, local attacker can exploit...
VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020)
The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5 U3q. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in vCenter Server due to the way it handles session tokens. An authenticated, local attacker can exploit...