Vulnerability Details CVE-2021-21976
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.9%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
Products affected by CVE-2021-21976
-
cpe:2.3:a:vmware:vsphere_replication:6.5.0
-
cpe:2.3:a:vmware:vsphere_replication:8.1.0
-
cpe:2.3:a:vmware:vsphere_replication:8.2.0
-
cpe:2.3:a:vmware:vsphere_replication:8.3.0