https://www.vmware.com/security/advisories/VMSA-2021-0020.html

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5 U3q. It is, therefore, affected  by multiple vulnerabilities:

    - A privilege escalation vulnerability exists in vCenter Server due to the way it handles session tokens.       An authenticated, local attacker can exploit this to gain unauthorized access to the system.       (CVE-2021-21991, CVE-2021-22015)

    - An rhttproxy bypass vulnerability exists in vCenter Server due to improper implementation of URI       normalization. An unauthenticated, remote attacker can exploit this to gain access to internal       endpoints. (CVE-2021-22017)


Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number. Nessus has also not tested for the presence of a workaround.

The version of VMware vCenter Server installed on the remote host is prior to 7.0 U2d. It is, therefore, affected  by multiple vulnerabilities:

    - An unauthenticated API endpoint vulnerability exists in the vCenter Server Content Library. An       unauthenticated, remote attacker can exploit this to perform unauthenticated VM network setting       manipulation. (CVE-2021-22011)

    - A file deletion vulnerability exists in the VMware vSphere Life-cycle Manager plug-in.       A unauthenticated, remote attacker can exploit this to delete non-critical files.       (CVE-2021-22018)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number. Nessus has also not tested for the presence of a workaround.

The version of VMware vCenter Server installed on the remote host is 6.7 prior to 6.7 U3o. It is, therefore, affected by multiple vulnerabilities:

    - A privilege escalation vulnerability exists in vCenter Server due to the way it handles session tokens.       An authenticated, local attacker can exploit this to gain unauthorized access to the system.       (CVE-2021-21991, CVE-2021-22015)

    - A reverse proxy bypass vulnerability exists in vCenter Server due to the way the endpoints handle the URI.       An unauthenticated, remote attacker can exploit this to gain unauthorized access to restricted endpoints.
      (CVE-2021-22006) 

    - An rhttproxy bypass vulnerability exists in vCenter Server due to improper implementation of URI       normalization. An unauthenticated, remote attacker can exploit this to gain access to internal       endpoints. (CVE-2021-22017)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number. Nessus has also not tested for the presence of a workaround.

ID	Name	Product	Family	Severity
153547	VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020)	Nessus	Misc.	high
153546	VMware vCenter Server < 7.0 U2d Multiple Vulnerabilities (VMSA-2021-0020)	Nessus	Misc.	medium
153544	VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020)	Nessus	Misc.	high

CVE-2021-22011

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

high

medium

high