CVE-2021-21991
https://notcve.org/view.php?id=CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash). vCenter Server contiene una vulnerabilidad de escalada de privilegios local debido a la forma en que maneja los tokens de sesión. Un actor malicioso con acceso de usuario no administrativo en el host de vCenter Server puede explotar este problema para escalar los privilegios a administrador en vSphere Client (HTML5) o vCenter Server vSphere Web Client (FLEX/Flash) • https://www.vmware.com/security/advisories/VMSA-2021-0020.html •
CVE-2021-22019 – VMware vCenter Server Appliance External Control of File Path Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-22019
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition. vCenter Server contiene una vulnerabilidad de denegación de servicio en el servicio VAPI (vCenter API). Un actor malicioso con acceso a la red al puerto 5480 en vCenter Server puede explotar este problema mediante el envío de un mensaje jsonrpc especialmente diseñado para crear una condición de denegación de servicio This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of jsonrpc messages. A crafted request can trigger a file read operation of an endless character stream. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html •
CVE-2021-22015 – VMware vCenter Server Appliance Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22015
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance. vCenter Server contiene múltiples vulnerabilidades de escalada de privilegios locales debido a permisos inapropiados de archivos y directorios. Un usuario local autenticado con privilegios no administrativos puede explotar estos problemas para elevar sus privilegios a root en vCenter Server Appliance This vulnerability allows local attackers to escalate privileges on affected installations of VMware vCenter Server Appliance. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the permissions of root-owned service files. The product sets incorrect permissions on sensitive files. • https://github.com/PenteraIO/vScalation-CVE-2021-22015 http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html https://www.vmware.com/security/advisories/VMSA-2021-0020.html • CWE-552: Files or Directories Accessible to External Parties •
CVE-2021-22008 – VMware vCenter Server Appliance Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-22008
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information. vCenter Server contiene una vulnerabilidad de divulgación de información en el servicio VAPI (vCenter API). Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema mediante el envío de un mensaje json-rpc especialmente diseñado para conseguir acceso a información confidencial This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of jsonrpc messages. The issue results from the lack of proper authentication before processing messages. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html •
CVE-2021-21986
https://notcve.org/view.php?id=CVE-2021-21986
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication. VSphere Client (HTML5) contiene una vulnerabilidad en un mecanismo de autenticación de vSphere para los plugins Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager y VMware Cloud Director Availability. Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede llevar a cabo acciones permitidas por los plugins afectados sin autenticación • http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html https://www.vmware.com/security/advisories/VMSA-2021-0010.html • CWE-306: Missing Authentication for Critical Function •