Attacker Value
Unknown
(1 user assessed)
Exploitability
Unknown
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
1

CVE-2021-21980

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.

Add Assessment

General Information

Products

  • VMware vCenter Server and VMware Cloud Foundation

Additional Info

Technical Analysis