CVE-2021-22017
| CVE Published | 2021-09-23 |
|---|---|
| Related Vendor(s) | vmware |
| Related Product(s) | vcenter_server |
| Exploitation Reported (CISA KEV) | 2022-01-10 |
| CVSS 3 Base Score | 5.3 (MEDIUM) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph