Vulnerability Database

CVE-2021-21985

The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

  • Published: May 26, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-21985
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 10
  • Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected software:

| Software | From | Fixed in |
|---|---|---|
| vmware / vcenter_server | 6.5-f | 6.5-f.x |
| vmware / vcenter_server | 6.5-e | 6.5-e.x |
| vmware / vcenter_server | 6.5-d | 6.5-d.x |
| vmware / vcenter_server | 6.5-c | 6.5-c.x |
| vmware / vcenter_server | 6.5-b | 6.5-b.x |
| vmware / vcenter_server | 6.5-a | 6.5-a.x |
| vmware / vcenter_server | 6.7-d | 6.7-d.x |
| vmware / vcenter_server | 6.7-b | 6.7-b.x |
| vmware / vcenter_server | 6.7-a | 6.7-a.x |
| vmware / vcenter_server | 6.5 | 6.5.x |
| vmware / vcenter_server | 6.7 | 6.7.x |
| vmware / vcenter_server | 7.0 | 7.0.x |
| vmware / vcenter_server | 7.0-d | 7.0-d.x |
| vmware / vcenter_server | 7.0-c | 7.0-c.x |
| vmware / vcenter_server | 7.0-b | 7.0-b.x |
| vmware / vcenter_server | 7.0-a | 7.0-a.x |
| vmware / vcenter_server | 6.5-update3n | 6.5-update3n.x |
| vmware / vcenter_server | 6.5-update1 | 6.5-update1.x |
| vmware / vcenter_server | 6.5-update1c | 6.5-update1c.x |
| vmware / vcenter_server | 6.5-update1b | 6.5-update1b.x |
| vmware / vcenter_server | 6.5-update3 | 6.5-update3.x |
| vmware / vcenter_server | 6.5-update3d | 6.5-update3d.x |
| vmware / vcenter_server | 6.5-update3k | 6.5-update3k.x |
| vmware / vcenter_server | 6.5-update3f | 6.5-update3f.x |
| vmware / vcenter_server | 6.5-update1d | 6.5-update1d.x |
| vmware / vcenter_server | 6.5-update1e | 6.5-update1e.x |
| vmware / vcenter_server | 6.5-update1g | 6.5-update1g.x |
| vmware / vcenter_server | 6.5-update2 | 6.5-update2.x |
| vmware / vcenter_server | 6.5-update2b | 6.5-update2b.x |
| vmware / vcenter_server | 6.5-update2c | 6.5-update2c.x |
| vmware / vcenter_server | 6.5-update2d | 6.5-update2d.x |
| vmware / vcenter_server | 6.5-update2g | 6.5-update2g.x |
| vmware / vcenter_server | 6.7-update3f | 6.7-update3f.x |
| vmware / vcenter_server | 7.0-update1a | 7.0-update1a.x |
| vmware / vcenter_server | 6.7-update3l | 6.7-update3l.x |
| vmware / vcenter_server | 7.0-update1 | 7.0-update1.x |
| vmware / vcenter_server | 6.7-update3m | 6.7-update3m.x |
| vmware / vcenter_server | 7.0-update1c | 7.0-update1c.x |
| vmware / vcenter_server | 7.0-update1d | 7.0-update1d.x |
| vmware / vcenter_server | 7.0-update2 | 7.0-update2.x |
| vmware / vcenter_server | 7.0-update2a | 7.0-update2a.x |
| vmware / vcenter_server | 6.7-update3j | 6.7-update3j.x |
| vmware / vcenter_server | 6.7-update3b | 6.7-update3b.x |
| vmware / vcenter_server | 6.7-update3g | 6.7-update3g.x |
| vmware / vcenter_server | 6.7-update1 | 6.7-update1.x |
| vmware / vcenter_server | 6.7-update1b | 6.7-update1b.x |
| vmware / vcenter_server | 6.7-update2 | 6.7-update2.x |
| vmware / vcenter_server | 6.7-update2a | 6.7-update2a.x |
| vmware / vcenter_server | 6.7-update2c | 6.7-update2c.x |
| vmware / vcenter_server | 6.7-update3a | 6.7-update3a.x |
| vmware / vcenter_server | 6.7-update3 | 6.7-update3.x |
| vmware / cloud_foundation | 3.0 | 3.10.2.1 |
| vmware / cloud_foundation | 4.0 | 4.2.1 |