← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-22017 — Actively Exploited: vCenter Server (VMware)

Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.

CVE IDCVE-2021-22017
VendorVMware
ProductvCenter Server
Vulnerability nameVMware vCenter Server Improper Access Control
Date added2022-01-10
Remediation due2022-01-24
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionRhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →