CVE-2021-26987

Summary

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.

Affected Software

VendorProductVersion RangeStatus
n/aElement Plug-in for vCenter ServerAll versionsaffected
n/aManagement Services for Element Software and NetApp HCIversions prior to 2.17.56affected
n/aNetApp SolidFire & HCI Management Nodeversions through 12.2affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References