CVE-2021-22049 — Server-Side Request Forgery in Vmware Vcenter Server

CWE-918 — Server-Side Request Forgery4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

0.7%

top 28.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Vcenter Server

Timeline

PublishedNov 24

Latest updateNov 25

Description

The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDvmware/vcenter_server6.5, 6.7, 7.0+2

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-rw92-2qph-cjf9: The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in↗2021-11-25

▶

CVEList

CVE-2021-22049: The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in↗2021-11-24

▶

📋Vendor Advisories

VMware

VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities (CVE-2021-21980, CVE-2021-22049)↗2021-11-23

▶