CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-21995

OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://www.vmware.com/security/advisories/VMSA-2021-0014.html
https://www.vmware.com/security/advisories/VMSA-2021-0014.html

Products affected by CVE-2021-21995

Vmware » Cloud Foundation » Version: Any

cpe:2.3:o:vmware:cloud_foundation:*
Vmware » Cloud Foundation » Version: 4.1.0.1

cpe:2.3:o:vmware:cloud_foundation:4.1.0.1
Vmware » Esxi » Version: 6.5

cpe:2.3:o:vmware:esxi:6.5
Vmware » Esxi » Version: 6.7

cpe:2.3:o:vmware:esxi:6.7
Vmware » Esxi » Version: 7.0

cpe:2.3:o:vmware:esxi:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21995

Products

Pricing

Contact Us