Vulnerability Details CVE-2021-22055
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2021-22055
-
cpe:2.3:o:vmware:photon_os:-
-
cpe:2.3:o:vmware:photon_os:1.0
-
cpe:2.3:o:vmware:photon_os:2.0
-
cpe:2.3:o:vmware:photon_os:3.0
-
cpe:2.3:o:vmware:photon_os:4.0