CVE-2021-22017
VMware vCenter Server Improper Access Control
CVSS
—
Sin CVSS
EPSS
47.6%
p99
KEV
SÍ
10 ene 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
46.7%EPSS · 30 días47.6%
2026-06-302026-07-16
Producto
VMware / vCenter Server
Vulnerabilidad
VMware vCenter Server Improper Access Control
Añadido a KEV
10 ene 2022
Remediar antes de
24 ene 2022
Uso conocido en ransomware
No
Descripción resumida
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2021-22017
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2021-21985—100.0%
KEV—80VMware vCenter Server Improper Input Validation Vulnerability—CVE-2021-22005—100.0%
KEV—80VMware vCenter Server File Upload Vulnerability—CVE-2023-34048—99.9%
KEV—80VMware vCenter Server Out-of-Bounds Write Vulnerability—CVE-2021-21972—99.9%
KEV—80VMware vCenter Server Remote Code Execution Vulnerability—CVE-2020-3952—99.8%
KEV—80VMware vCenter Server Information Disclosure Vulnerability—CVE-2024-38812—98.9%
KEV—80VMware vCenter Server Heap-Based Buffer Overflow Vulnerability—