{"containers": {"cna": {"affected": [{"product": "VMware vCenter Server and VMware Cloud Foundation", "vendor": "n/a", "versions": [{"status": "affected", "version": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"}]}], "descriptions": [{"lang": "en", "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."}], "problemTypes": [{"descriptions": [{"description": "Remote code execution vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-13T16:06:26.000Z", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2021-21985", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware vCenter Server and VMware Cloud Foundation", "version": {"version_data": [{"version_value": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote code execution vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "refsource": "MISC", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"}, {"name": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"}, {"name": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:30:23.663Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-21985", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T17:56:51.919812Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-470", "description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "timeline": [{"time": "2021-11-03T00:00:00.000Z", "lang": "en", "value": "CVE-2021-21985 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-21T23:25:44.978Z"}}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2021-21985", "datePublished": "2021-05-26T14:04:30.000Z", "dateReserved": "2021-01-04T00:00:00.000Z", "dateUpdated": "2025-10-21T23:25:44.978Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:30:23.663Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-21985", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T17:56:51.919812Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985"}}}], "timeline": [{"lang": "en", "time": "2021-11-03T00:00:00.000Z", "value": "CVE-2021-21985 added to CISA KEV"}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-470", "description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T17:56:39.648Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "VMware vCenter Server and VMware Cloud Foundation", "versions": [{"status": "affected", "version": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"}]}], "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Remote code execution vulnerability"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2021-07-13T16:06:26.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"}]}, "product_name": "VMware vCenter Server and VMware Cloud Foundation"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html", "name": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote code execution vulnerability"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-21985", "STATE": "PUBLIC", "ASSIGNER": "security@vmware.com"}}}}, "cveMetadata": {"cveId": "CVE-2021-21985", "state": "PUBLISHED", "dateUpdated": "2025-10-21T23:25:44.978Z", "dateReserved": "2021-01-04T00:00:00.000Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2021-05-26T14:04:30.000Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cisaActionDue": "2021-11-17", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "VMware vCenter Server Improper Input Validation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*", "matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*", "matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*", "matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*", "matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*", "matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*", "matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*", "matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*", "matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*", "matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*", "matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*", "matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*", "matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*", "matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*", "matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*", "matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*", "matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*", "matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*", "matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*", "matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*", "matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*", "matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*", "matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*", "matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*", "matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*", "matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*", "matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*", "matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*", "matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*", "matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*", "matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*", "matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*", "matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*", "matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*", "matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*", "matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*", "matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*", "matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*", "matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*", "matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*", "matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*", "matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*", "matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*", "matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*", "matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*", "matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*", "matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*", "matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*", "matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0E65D7D-C5C1-4F9B-A470-2B1E34D2C429", "versionEndExcluding": "3.10.2.1", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDD049DD-5223-42EA-BCBF-DC86C2A90D41", "versionEndExcluding": "4.2.1", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."}, {"lang": "es", "value": "VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota debido a una falta de comprobaci\u00f3n de entrada en el plugin Virtual SAN Health Check, que est\u00e1 habilitado por defecto en vCenter Server. Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios ilimitados en el sistema operativo subyacente que aloja a vCenter Server"}], "id": "CVE-2021-21985", "lastModified": "2025-10-30T20:05:29.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-05-26T15:15:07.937", "references": [{"source": "security@vmware.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"}, {"source": "security@vmware.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"}, {"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-470"}, {"lang": "en", "value": "CWE-918"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}