CVE-2021-22014
Summary
| CVE | CVE-2021-22014 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-09-23 12:15:00 UTC |
| Updated | 2021-09-27 14:20:00 UTC |
| Description | The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vmware | Cloud Foundation | All | All | All | All |
| Application | Vmware | Vcenter Server | 6.5 | - | All | All |
| Application | Vmware | Vcenter Server | 6.7 | - | All | All |
| Application | Vmware | Vcenter Server | 7.0 | - | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VMSA-2021-0020 | MISC | www.vmware.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.