CVE-2021-21972
Description
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
93.821
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in VMware vCenter 6.5 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-e | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-f | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u1d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u1e | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u1g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u2b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u2d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u2g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u3 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-u3d | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985,CVE-2021-21986 are affected in VMware vCenter 6.5-u3f | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985,CVE-2021-21986 are affected in VMware vCenter 6.5-u3k | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update1d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update1e | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update1g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update2b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update2d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update2g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update3 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update3d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update3f | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.5-update3k | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-u1 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-u1b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-u2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-u2a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-u2c | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter 6.7-u3 | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter 6.7-u3a | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter 6.7-u3b | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter 6.7-u3f | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter 6.7-u3g | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter 6.7-u3j | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update1 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update1b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update2a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update3 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update3a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update3b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update3f | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update3g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 6.7-update3j | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0-a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0-b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0-c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0-d | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973 are affected in VMware vCenter 7.0-u1 | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973 are affected in VMware vCenter 7.0-u1a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0-update1 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter 7.0-update1a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u3d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u1d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u1e | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u1g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u2b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u2d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u2g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update1d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update1e | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update1g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update2b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update2d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update2g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-u1 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-u1b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-u2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-u2a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-u2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update1 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update1b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update2 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update2a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update2c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-e | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-f | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update3 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update3d | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update3f | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update3 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update3a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update3b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update3f | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update3g | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0-a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-u3 | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985,CVE-2021-21986 are affected in VMware vCenter Server 6.5-u3f | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985,CVE-2021-21986 are affected in VMware vCenter Server 6.5-u3k | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.5-update3k | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter Server 6.7-u3 | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter Server 6.7-u3a | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter Server 6.7-u3b | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter Server 6.7-u3f | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter Server 6.7-u3g | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973,CVE-2021-21985 are affected in VMware vCenter Server 6.7-u3j | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 6.7-update3j | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0-b | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0-c | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0-d | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973 are affected in VMware vCenter Server 7.0-u1 | Windows |
| Vulnerabilities CVE-2021-21972,CVE-2021-21973 are affected in VMware vCenter Server 7.0-u1a | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0-update1 | Windows |
| Multiple Vulnerabilities are affected in VMware vCenter Server 7.0-update1a | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234