CVE-2021-22020
First published: Thu Sep 23 2021(Updated: )
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Cloud Foundation | >=3.0<3.10.2.2 | |
| VMware Cloud Foundation | >=4.0<4.3 | |
| VMware vCenter Server | =6.7 | |
| VMware vCenter Server | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-22020?
CVE-2021-22020 is a denial-of-service vulnerability in the vCenter Server Analytics service.
How severe is CVE-2021-22020?
CVE-2021-22020 has a severity rating of medium, with a CVSS score of 5.5.
Which software versions are affected by CVE-2021-22020?
CVE-2021-22020 affects VMware Cloud Foundation versions 3.0 to 3.10.2.2, VMware Cloud Foundation versions 4.0 to 4.3, VMware vCenter Server version 6.7, and VMware vCenter Server version 7.0.
How can CVE-2021-22020 be exploited?
Exploiting CVE-2021-22020 can lead to a denial-of-service condition on vCenter Server.
Where can I find more information about CVE-2021-22020?
More information about CVE-2021-22020 can be found in the VMware Security Advisory VMSA-2021-0020: https://www.vmware.com/security/advisories/VMSA-2021-0020.html
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- vendor/vmware
- canonical/vmware cloud foundation
- version/vmware cloud foundation/3.0
- version/vmware cloud foundation/4.0
- canonical/vmware vcenter server
- version/vmware vcenter server/6.7
- version/vmware vcenter server/7.0