CVE-2021-21981
First published: Mon Apr 19 2021(Updated: )
VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vmware Nsx-t Data Center | =3.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-21981?
CVE-2021-21981 is a privilege escalation vulnerability in VMware NSX-T due to an issue with RBAC role assignment.
How does the vulnerability in VMware NSX-T occur?
The vulnerability in VMware NSX-T occurs due to an issue with RBAC role assignment, allowing attackers to assign privileges higher than their own permission level.
What is the severity of CVE-2021-21981?
The severity of CVE-2021-21981 is high with a CVSS score of 7.8.
Is VMware NSX-T version 3.1.1 affected by CVE-2021-21981?
Yes, VMware NSX-T version 3.1.1 is affected by CVE-2021-21981.
How can I mitigate the vulnerability in VMware NSX-T?
To mitigate the vulnerability in VMware NSX-T, update to a version that includes the fix provided by VMware.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/event
- agent/type
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware nsx-t data center
- version/vmware nsx-t data center/3.1.1