← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-21973 — Actively Exploited: vCenter Server and Cloud Foundation (VMware)

VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.

CVE IDCVE-2021-21973
VendorVMware
ProductvCenter Server and Cloud Foundation
Vulnerability nameVMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability
Date added2022-03-07
Remediation due2022-03-21
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionVMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →