CVE-2021-21994
published 2021-07-13CVE-2021-21994: SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 3.0 < 3.10.2 | 3.10.2 |
| vmware | cloud_foundation | >= 4.0 < 4.3 | 4.3 |
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | esxi | — | — |