← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-39144 — Actively Exploited: XStream (XStream)

XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.

CVE IDCVE-2021-39144
VendorXStream
ProductXStream
Vulnerability nameXStream Remote Code Execution Vulnerability
Date added2023-03-10
Remediation due2023-03-31
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionXStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →