CVE-2021-21995
published 2021-07-13CVE-2021-21995: OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 3.0 < 3.10.2 | 3.10.2 |
| vmware | cloud_foundation | >= 4.0 < 4.3 | 4.3 |
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | esxi | — | — |