CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21993

The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.4%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2021-21993

Vmware » Cloud Foundation » Version: 3.0

cpe:2.3:a:vmware:cloud_foundation:3.0
Vmware » Cloud Foundation » Version: 3.0.1

cpe:2.3:a:vmware:cloud_foundation:3.0.1
Vmware » Cloud Foundation » Version: 3.0.1.1

cpe:2.3:a:vmware:cloud_foundation:3.0.1.1
Vmware » Cloud Foundation » Version: 3.10

cpe:2.3:a:vmware:cloud_foundation:3.10
Vmware » Cloud Foundation » Version: 3.10.1

cpe:2.3:a:vmware:cloud_foundation:3.10.1
Vmware » Cloud Foundation » Version: 3.10.1.1

cpe:2.3:a:vmware:cloud_foundation:3.10.1.1
Vmware » Cloud Foundation » Version: 3.10.1.2

cpe:2.3:a:vmware:cloud_foundation:3.10.1.2
Vmware » Cloud Foundation » Version: 3.10.2.1

cpe:2.3:a:vmware:cloud_foundation:3.10.2.1
Vmware » Cloud Foundation » Version: 3.10.2.2

cpe:2.3:a:vmware:cloud_foundation:3.10.2.2
Vmware » Cloud Foundation » Version: 3.11

cpe:2.3:a:vmware:cloud_foundation:3.11
Vmware » Cloud Foundation » Version: 3.11.0.1

cpe:2.3:a:vmware:cloud_foundation:3.11.0.1
Vmware » Cloud Foundation » Version: 3.5

cpe:2.3:a:vmware:cloud_foundation:3.5
Vmware » Cloud Foundation » Version: 3.5.1

cpe:2.3:a:vmware:cloud_foundation:3.5.1
Vmware » Cloud Foundation » Version: 3.7

cpe:2.3:a:vmware:cloud_foundation:3.7
Vmware » Cloud Foundation » Version: 3.7.1

cpe:2.3:a:vmware:cloud_foundation:3.7.1
Vmware » Cloud Foundation » Version: 3.7.2

cpe:2.3:a:vmware:cloud_foundation:3.7.2
Vmware » Cloud Foundation » Version: 3.8

cpe:2.3:a:vmware:cloud_foundation:3.8
Vmware » Cloud Foundation » Version: 3.8.1

cpe:2.3:a:vmware:cloud_foundation:3.8.1
Vmware » Cloud Foundation » Version: 3.9

cpe:2.3:a:vmware:cloud_foundation:3.9
Vmware » Cloud Foundation » Version: 3.9.1

cpe:2.3:a:vmware:cloud_foundation:3.9.1
Vmware » Cloud Foundation » Version: 4.0

cpe:2.3:a:vmware:cloud_foundation:4.0
Vmware » Cloud Foundation » Version: 4.0.1

cpe:2.3:a:vmware:cloud_foundation:4.0.1
Vmware » Cloud Foundation » Version: 4.1

cpe:2.3:a:vmware:cloud_foundation:4.1
Vmware » Cloud Foundation » Version: 4.1.0.1

cpe:2.3:a:vmware:cloud_foundation:4.1.0.1
Vmware » Cloud Foundation » Version: 4.2

cpe:2.3:a:vmware:cloud_foundation:4.2
Vmware » Cloud Foundation » Version: 4.2.1

cpe:2.3:a:vmware:cloud_foundation:4.2.1
Vmware » Cloud Foundation » Version: 4.3

cpe:2.3:a:vmware:cloud_foundation:4.3
Vmware » Cloud Foundation » Version: 4.3.1

cpe:2.3:a:vmware:cloud_foundation:4.3.1
Vmware » Cloud Foundation » Version: 4.3.11

cpe:2.3:a:vmware:cloud_foundation:4.3.11
Vmware » Cloud Foundation » Version: 4.4

cpe:2.3:a:vmware:cloud_foundation:4.4
Vmware » Cloud Foundation » Version: 4.4.1

cpe:2.3:a:vmware:cloud_foundation:4.4.1
Vmware » Cloud Foundation » Version: 4.4.1.1

cpe:2.3:a:vmware:cloud_foundation:4.4.1.1
Vmware » Cloud Foundation » Version: 4.5

cpe:2.3:a:vmware:cloud_foundation:4.5
Vmware » Cloud Foundation » Version: 4.5.1

cpe:2.3:a:vmware:cloud_foundation:4.5.1
Vmware » Cloud Foundation » Version: 4.5.2

cpe:2.3:a:vmware:cloud_foundation:4.5.2
Vmware » Vcenter Server » Version: 6.5

cpe:2.3:a:vmware:vcenter_server:6.5
Vmware » Vcenter Server » Version: 6.7

cpe:2.3:a:vmware:vcenter_server:6.7
Vmware » Vcenter Server » Version: 7.0

cpe:2.3:a:vmware:vcenter_server:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21993

Products

Pricing

Contact Us