CVE-2021-21994: Improper Authentication in VMware ESXi

Severity: 9.8 CRITICAL (NVD)
EPSS: 0.4% (top 40.59%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 13; Latest update May 24

Description

SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (2 packages)

NVD: vmware/esxi, versions 6.5, 6.7, 7.0 (+2 more)
NVD: vmware/cloud_foundation, versions 3.0, 3.10.2 (+1 more)

Vulnerability Details (2)

GHSA: GHSA-4643-h6pq-84f9: SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability (2022-05-24)
CVEList: CVE-2021-21994: SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability (2021-07-13)

Vendor Advisories (1)

VMware: VMware ESXi updates address authentication and denial of service vulnerabilities (CVE-2021-21994, CVE-2021-21995) (2021-07-13)

CVE-2021-21994: Improper Authentication in VMware ESXi | cvebase