CVE-2021-22019

September 30, 2021

The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.

Summary:

The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.

Reference Links(if available):

  • https://www.vmware.com/security/advisories/VMSA-2021-0020.html

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    hackerone

    HackerOne Bug Bounty Disclosure: social-media-account-takeover-haythem

    November 3, 2024
    image

    [HUNTERS] – Ransomware Victim: Hemubo

    November 3, 2024
    image

    [HANDALA] – Ransomware Victim: Elad municipality

    November 3, 2024
    image

    [QILIN] – Ransomware Victim: The Law Offices of Jed Silverman

    November 3, 2024
    Cobalt Strike

    Cobalt Strike Beacon Detected – 43[.]246[.]208[.]199:443

    November 3, 2024