CVE-2021-21992 vulnerability in VMware Products
Published on September 22, 2021

The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host.

NVD

Products Associated with CVE-2021-21992

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-21992 are published in these products:

VMware Cloud Foundation

VMware Vcenter Server

Exploit Probability

EPSS

0.93%

Percentile

75.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-21992 vulnerability in VMware ProductsPublished on September 22, 2021

Products Associated with CVE-2021-21992

Exploit Probability

CVE-2021-21992 vulnerability in VMware Products
Published on September 22, 2021