// For flags

CVE-2021-26987

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.

Element Plug-in para vCenter Server incorpora SpringBoot Framework. Las versiones de SpringBoot Framework anteriores a 1.3.2 son susceptibles a una vulnerabilidad que, cuando es explotada con éxito, podría conllevar a una ejecución de código remota. Todas las versiones de Element Plug-in para vCenter Server, las versiones de Management Services anteriores a 2.17.56 y versiones de Management Node hasta 12.2 contienen versiones vulnerables de SpringBoot Framework

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-02-09 CVE Reserved
  • 2021-03-15 CVE Published
  • 2024-02-19 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://security.netapp.com/advisory/ntap-20210315-0001 2022-04-07
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Vmware
Search vendor "Vmware"
 Spring Boot
Search vendor "Vmware" for product "Spring Boot"
 < 1.3.2
Search vendor "Vmware" for product "Spring Boot" and version " < 1.3.2"
-
Affected
Netapp
Search vendor "Netapp"
 Element Plug-in For Vcenter Server
Search vendor "Netapp" for product "Element Plug-in For Vcenter Server"
*-
Affected
Netapp
Search vendor "Netapp"
 Management Services For Element Software And Netapp Hci
Search vendor "Netapp" for product "Management Services For Element Software And Netapp Hci"
 < 2.17.56
Search vendor "Netapp" for product "Management Services For Element Software And Netapp Hci" and version " < 2.17.56"
-
Affected
Netapp
Search vendor "Netapp"
 Solidfire \& Hci Management Node
Search vendor "Netapp" for product "Solidfire \& Hci Management Node"
 <= 12.2
Search vendor "Netapp" for product "Solidfire \& Hci Management Node" and version " <= 12.2"
-
Affected