CVE-2022-22982

Summary

The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vCenter ServerVMware vCenter Server (7.0 before 7.0 U3f, 6.7 before 6.7 U3r & 6.5 before 6.5 U3t)affected

Weaknesses

  • Server-side request forgery vulnerability

ADP Enrichment

CVE Program Container

Additional References

References