Vulnerability Details CVE-2021-22017
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.799
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Proposed Action
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
Ransomware Campaign
Unknown
References
Products affected by CVE-2021-22017
-
cpe:2.3:a:vmware:vcenter_server:6.7