CVE-2021-21995
https://notcve.org/view.php?id=CVE-2021-21995
OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition. OpenSLP, tal como se utiliza en ESXi, presenta una vulnerabilidad de denegación de servicio debido a un problema de lectura fuera de límites de la pila. Un actor malicioso con acceso de red al puerto 427 en ESXi puede ser capaz de desencadenar una lectura fuera de límites de la pila en el servicio OpenSLP, resultando en una condición de denegación de servicio • https://www.vmware.com/security/advisories/VMSA-2021-0014.html • CWE-125: Out-of-bounds Read •
CVE-2021-21994
https://notcve.org/view.php?id=CVE-2021-21994
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request. SFCB (Small Footprint CIM Broker), tal y como se utiliza en ESXi, presenta una vulnerabilidad en la omisión de la autenticación. Un actor malicioso con acceso de red al puerto 5989 en ESXi puede explotar este problema para omitir la autenticación de SFCB al enviar una petición especialmente diseñada • https://www.vmware.com/security/advisories/VMSA-2021-0014.html • CWE-287: Improper Authentication •
CVE-2021-21986
https://notcve.org/view.php?id=CVE-2021-21986
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication. VSphere Client (HTML5) contiene una vulnerabilidad en un mecanismo de autenticación de vSphere para los plugins Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager y VMware Cloud Director Availability. Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede llevar a cabo acciones permitidas por los plugins afectados sin autenticación • http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html https://www.vmware.com/security/advisories/VMSA-2021-0010.html • CWE-306: Missing Authentication for Critical Function •
CVE-2021-21985 – VMware vCenter Server Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-21985
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. VSphere Client (HTML5) contiene una vulnerabilidad de ejecución de código remota debido a una falta de comprobación de entrada en el plugin Virtual SAN Health Check, que está habilitado por defecto en vCenter Server. Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios ilimitados en el sistema operativo subyacente que aloja a vCenter Server VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution. • https://github.com/daedalus/CVE-2021-21985 https://github.com/onSec-fr/CVE-2021-21985-Checker https://github.com/aristosMiliaressis/CVE-2021-21985 https://github.com/bigbroke/CVE-2021-21985 https://github.com/mauricelambert/CVE-2021-21985 https://github.com/haidv35/CVE-2021-21985 http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html https://www.vmwar • CWE-20: Improper Input Validation •
CVE-2021-21975 – VMware Server Side Request Forgery in vRealize Operations Manager API
https://notcve.org/view.php?id=CVE-2021-21975
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials. una vulnerabilidad de Server Side Request Forgery en la API vRealize Operations Manager (CVE-2021-21975) anterior a la versión 8.4, puede permitir que un actor malicioso con acceso de red a la API vRealize Operations Manager pueda realizar un ataque de tipo Server Side Request Forgery para robar credenciales administrativas. Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials. • https://github.com/GuayoyoCyber/CVE-2021-21975 https://github.com/Al1ex/CVE-2021-21975 https://github.com/murataydemir/CVE-2021-21975 https://github.com/Vulnmachines/VMWare-CVE-2021-21975 https://github.com/dorkerdevil/CVE-2021-21975 http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html https://www.vmware.com/security/advisories/VMSA-2021-0004.html https://twitter.com/ptswarm/status/1376961747232382976 https://attackerkb.com/topi • CWE-918: Server-Side Request Forgery (SSRF) •