CVE-2021-22019

Summary

The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vCenter Server, VMware Cloud FoundationVMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)affected

Weaknesses

  • Denial of service vulnerability

ADP Enrichment

CVE Program Container

Additional References

References