virus logo FortiClient Vulnerability

VMware vCenter Server CVE-2021-22017 Privilege Escalation Vulnerability

description-logoDescription

Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.

affected-products-logoAffected Applications

vCenter Server

CVE References

CVE-2021-22017

Other References

https://www.vmware.com/security/advisories/VMSA-2021-0020.html
ID 4119
Created Jan 26, 2022
Description
Updated		 Nov 07, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor VMware
Patch manual
Application vCenter Server