CVE-2021-22005
VMware vCenter Server File Upload Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
VMware / vCenter Server
Vulnerability
VMware vCenter Server File Upload Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
Nov 17, 2021
Known ransomware use
Yes
Summary description
VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22005
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-21985—100.0%
KEV—80VMware vCenter Server Improper Input Validation Vulnerability—CVE-2021-21972—99.9%
KEV—80VMware vCenter Server Remote Code Execution Vulnerability—CVE-2023-34048—99.9%
KEV—80VMware vCenter Server Out-of-Bounds Write Vulnerability—CVE-2020-3952—99.8%
KEV—80VMware vCenter Server Information Disclosure Vulnerability—CVE-2024-38812—98.9%
KEV—80VMware vCenter Server Heap-Based Buffer Overflow Vulnerability—CVE-2021-22017—98.7%
KEV—80VMware vCenter Server Improper Access Control—