CVE-2021-22017 is a vulnerability in VMware vCenter Server
Published on September 23, 2021

Rhttproxy as used in vCenter Server contains a vulnerability due to an improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass the proxy and reach internal endpoints that the proxy is supposed to keep off the network-facing path.
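The page does not describe the exact normalization defect in rhttpproxy, so the following is an added, generic model rather than VMware's code: a path-based reverse proxy that applies its deny list to the raw request target (the weak pattern a URI-normalization bypass defeats) next to one that canonicalizes first and fails closed on ambiguous encodings, plus a scan over constructed access-log lines that flags requests which pass the raw check but normalize into a restricted prefix. The `/internal/` prefix, the log lines and every function name are assumptions made for the example.

```python
"""
Added illustration, not code from VMware or vCenter: a minimal model of a
reverse proxy that enforces a path deny list before and after URI
normalization, and a log scan for the bypass pattern. The /internal/ prefix,
the sample log lines and all names here are assumptions.
"""
import re
from urllib.parse import unquote

# Hypothetical deny list: request targets under these prefixes must never be
# forwarded to the backend on behalf of an external client.
RESTRICTED_PREFIXES = ("/internal/",)

# Percent-encoded '/', '\' or NUL change path structure once decoded; a request
# that needs them to get past the filter is ambiguous and is rejected outright.
_AMBIGUOUS_ESCAPES = re.compile(r"%(2f|5c|00)", re.IGNORECASE)
_REMAINING_ESCAPE = re.compile(r"%[0-9a-fA-F]{2}")
_REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')


def naive_is_allowed(raw_target: str) -> bool:
    """Weak check: deny list compared against the request target as sent.

    Any encoding or dot-segment that the backend resolves later is invisible
    to this comparison, which is the essence of a normalization bypass.
    """
    return not raw_target.startswith(RESTRICTED_PREFIXES)


def remove_dot_segments(path: str) -> str:
    """Resolve '.' and '..' segments and drop empty ones (RFC 3986 5.2.4 in spirit)."""
    out = []
    for seg in path.split("/"):
        if seg == "..":
            if out:
                out.pop()
        elif seg not in ("", "."):
            out.append(seg)
    return "/" + "/".join(out)


def normalize_target(raw_target: str) -> str:
    """Canonicalize a request target the way a tolerant backend would.

    Raises ValueError for inputs whose meaning depends on which decoder runs:
    encoded separators, double encoding, backslashes, NUL, relative targets.
    """
    path = raw_target.split("?", 1)[0].split("#", 1)[0]
    if _AMBIGUOUS_ESCAPES.search(path):
        raise ValueError("encoded path separator or NUL")
    decoded = unquote(path)
    if _REMAINING_ESCAPE.search(decoded):
        raise ValueError("double-encoded sequence")
    if "\\" in decoded or "\x00" in decoded:
        raise ValueError("backslash or NUL in path")
    if not decoded.startswith("/"):
        raise ValueError("relative request target")
    return remove_dot_segments(decoded)


def hardened_is_allowed(raw_target: str) -> bool:
    """Normalize first, fail closed on anything ambiguous, then apply the deny list."""
    try:
        canon = normalize_target(raw_target)
    except ValueError:
        return False
    # Trailing '/' makes the bare '/internal' match the '/internal/' prefix too.
    return not (canon + "/").startswith(RESTRICTED_PREFIXES)


def find_bypass_attempts(log_lines):
    """Return (raw_target, canonical_path_or_reason) for requests that the raw
    check would let through but that normalize into a restricted prefix or
    are ambiguous. Requests the raw check already blocks are not reported."""
    hits = []
    for line in log_lines:
        m = _REQUEST_LINE.search(line)
        if not m:
            continue
        target = m.group("target")
        if not naive_is_allowed(target):
            continue
        try:
            canon = normalize_target(target)
        except ValueError as exc:
            hits.append((target, f"ambiguous: {exc}"))
            continue
        if not hardened_is_allowed(target):
            hits.append((target, canon))
    return hits


# Constructed sample lines in Common Log Format; hosts and paths are made up.
SAMPLE_ACCESS_LOG = [
    '10.0.0.5 - - [23/Sep/2021:10:00:00 +0000] "GET /ui/ HTTP/1.1" 200 1234',
    '10.0.0.5 - - [23/Sep/2021:10:00:01 +0000] "GET /ui/../internal/config HTTP/1.1" 200 512',
    '10.0.0.5 - - [23/Sep/2021:10:00:02 +0000] "GET /%69nternal/config HTTP/1.1" 200 512',
    '10.0.0.5 - - [23/Sep/2021:10:00:03 +0000] "GET /ui/%2e%2e/internal/config HTTP/1.1" 200 512',
    '10.0.0.5 - - [23/Sep/2021:10:00:04 +0000] "GET /ui%2f..%2finternal/config HTTP/1.1" 200 512',
    '10.0.0.5 - - [23/Sep/2021:10:00:05 +0000] "GET /internal/config HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for target, why in find_bypass_attempts(SAMPLE_ACCESS_LOG):
        print(f"{target!r} -> {why}")
```

Running the module lists the four log entries that slip past the raw comparison: two dot-segment traversals, one percent-encoded letter in the prefix, and one encoded slash that the hardened filter refuses rather than guesses at. The design point is that the proxy must compare the same canonical form the backend will act on, and that any target whose meaning depends on which decoder runs first is safer rejected than forwarded.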

References: Vendor Advisory, NVD

Known Exploited Vulnerability

This VMware vCenter Server Improper Access Control vulnerability is on CISA's list of Known Exploited Vulnerabilities, meaning CISA has evidence of it being exploited in the wild.

The remediation CISA requires, with a due date of January 24, 2022, is to apply updates per vendor instructions.

Vulnerability Analysis

CVE-2021-22017 is exploitable over the network with low attack complexity and requires neither privileges nor user interaction, which gives it the maximum CVSS v3 exploitability subscore of 3.9. The impact subscore is modest: a low impact on each of confidentiality, integrity and availability. Those ratings score the proxy bypass on its own; what an attacker can actually do after reaching an internal endpoint depends on that endpoint, and the CISA listing above shows the issue has been used in real attacks.


Products Associated with CVE-2021-22017


What versions of Vcenter Server are vulnerable to CVE-2021-22017?