CVE-2021-22020

5.5MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Vcenter Server, Vmware Cloud Foundation
Vendor: CVE Published:; 23 September 2021

Summary

The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.

Affected Version(s)

VMware vCenter Server, VMware Cloud Foundation VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)

References

https://www.vmware.com/security/advisories/VMSA-2021-0020...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 23, 2021
Vulnerability Reserved
Jan 4, 2021