First published: Thu Sep 23 2021(Updated: )
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.
Credit: security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
VMware Cloud Foundation | >=3.0<3.10.2.2 | |
VMware Cloud Foundation | >=4.0<4.3 | |
VMware vCenter Server | =6.7 | |
VMware vCenter Server | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-22020 is a denial-of-service vulnerability in the vCenter Server Analytics service.
CVE-2021-22020 has a severity rating of medium, with a CVSS score of 5.5.
CVE-2021-22020 affects VMware Cloud Foundation versions 3.0 to 3.10.2.2, VMware Cloud Foundation versions 4.0 to 4.3, VMware vCenter Server version 6.7, and VMware vCenter Server version 7.0.
Exploiting CVE-2021-22020 can lead to a denial-of-service condition on vCenter Server.
More information about CVE-2021-22020 can be found in the VMware Security Advisory VMSA-2021-0020: https://www.vmware.com/security/advisories/VMSA-2021-0020.html