Home

CVE-2021-22009

Description

The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.465

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in VMware vCenter 6.7Windows
Multiple Vulnerabilities are affected in VMware vCenter 7.0Windows
Multiple Vulnerabilities are affected in VMware vCenter Server 6.7Windows
Multiple Vulnerabilities are affected in VMware vCenter Server 7.0Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234