The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2021-09-23 05:15
Updated : 2021-09-27 07:20
NVD link : CVE-2021-22014
Mitre link : CVE-2021-22014
JSON object : View
CWE
Products Affected
vmware
- cloud_foundation
- vcenter_server