CVE-2021-22050

Summary

ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.

Affected Software

VendorProductVersion RangeStatus
n/aVMware ESXi and VMware Cloud FoundationVMware ESXi(7.0 U3 before ESXi70U3c-19193900, ESXi 6.7 ESXi670-202111101-SG and ESXi 6.5 before ESXi650-202110101-SG) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)affected

Weaknesses

  • Denial of service vulnerability

ADP Enrichment

CVE Program Container

Additional References

References