logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-21985

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-21985

Description:
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
Last updated date:
09/14/2021

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
06/05/2021
Reference url to background

https://www.rapid7.com/blog/post/2021/05/26/cve-2021-21985-vcenter-server-what-you-need-to-know/

Type:
exploitation
Confidence:
HIGH
Date of publishing:
11/03/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
05/29/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/01/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/03/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/03/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/04/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/05/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
07/12/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/14/2021
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/09/2021
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2023

Privacy Policy