VMSA-2021-0020:VMware vCenter Server updates address multiple security vulnerabilities
23611
22 September 2021
18 September 2021
CLOSED
CRITICAL
4.3-9.8
CVE-2021-21991,CVE-2021-21992,CVE-2021-21993,CVE-2021-22005,CVE-2021-22006,CVE-2021-22007,CVE-2021-22008,CVE-2021-22009,CVE-2021-22010,CVE-2021-22011,CVE-2021-22012,CVE-2021-22013,CVE-2021-22014,CVE-2021-22015,CVE-2021-22016,CVE-2021-22017,CVE-2021-22018,CVE-2021-22019,CVE-2021-22020
1. Impacted Products
- VMware vCenter Server (vCenter Server)
- VMware Cloud Foundation (Cloud Foundation)
2. Introduction
Multiple vulnerabilities in VMware vCenter Server were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
3a. vCenter Server file upload vulnerability (CVE-2021-22005)
Description
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
Resolution
To remediate CVE-2021-22005 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
Workarounds for CVE-2021-22005 have been listed in the 'Workarounds' column of the 'Response Matrix' below.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
- VMware has confirmed reports that CVE-2021-22005 is being exploited in the wild.
- This issue does not affect vCenter Server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3b. vCenter Server local privilege escalation vulnerability (CVE-2021-21991)
Description
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8.
Known Attack Vectors
A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash).
Resolution
To remediate CVE-2021-21991 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Hynek Petrak of Schneider Electric for reporting this issue to us.
3c. vCenter Server reverse proxy bypass vulnerability (CVE-2021-22006)
Description
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints.
Resolution
To remediate CVE-2021-22006 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue does not affect vCenter Server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3d. vCenter server unauthenticated API endpoint vulnerability (CVE-2021-22011)
Description
The vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.
Resolution
To remediate CVE-2021-22011 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3e. vCenter Server improper permission local privilege escalation vulnerabilities (CVE-2021-22015)
Description
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. VMware has evaluated the severity of these issues to be in the Important severity range with a maximum CVSSv3 base score of 7.8.
Known Attack Vectors
An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance.
Resolution
To remediate CVE-2021-22015 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Yuval Lazar (@Ul7raVi0l3t) of Pentera, Sergey Gerasimov and George webpentest Noseevich of Solidlab working with Trend Micro Zero Day Initiative for independently reporting these issues to us.
3f. vCenter Server unauthenticated API information disclosure vulnerability (CVE-2021-22012)
Description
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Resolution
To remediate CVE-2021-22012 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue affects only vCenter Server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3g. vCenter Server file path traversal vulnerability (CVE-2021-22013)
Description
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Resolution
To remediate CVE-2021-22013 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue affects only vCenter Server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3h. vCenter Server reflected XSS vulnerability (CVE-2021-22016)
Description
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
Known Attack Vectors
An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.
Resolution
To remediate CVE-2021-22016 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue affects only vCenter Server 6.7.
Acknowledgements
VMware would like to thank icez for reporting this issue to us.
3i. vCenter Server rhttpproxy bypass vulnerability (CVE-2021-22017)
Description
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.3.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
Resolution
To remediate CVE-2021-22017 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue does not affect vCenter Server 7.0.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3j. vCenter Server authenticated code execution vulnerability (CVE-2021-22014)
Description
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
Known Attack Vectors
An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.
Resolution
To remediate CVE-2021-22014 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3k. vCenter Server file deletion vulnerability (CVE-2021-22018)
Description
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.
Known Attack Vectors
A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files.
Resolution
To remediate CVE-2021-22018 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue affects only vCenter Server 7.0.
Acknowledgements
VMware would like to thank Sergey Gerasimov of Solidlab working with Trend Micro Zero Day Initiative for reporting this issue to us.
3l. vCenter Server XML parsing denial-of-service vulnerability (CVE-2021-21992)
Description
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.
Known Attack Vectors
A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host.
Resolution
To remediate CVE-2021-21992 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Osama Alaa of Malcrove for reporting this issue to us.
3m. vCenter Server local information disclosure vulnerability (CVE-2021-22007)
Description
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.5.
Known Attack Vectors
An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information.
Resolution
To remediate CVE-2021-22007 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issues does not affect vCenter server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3n. vCenter Server denial of service vulnerability (CVE-2021-22019)
Description
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Known Attack Vectors
A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.
Resolution
To remediate CVE-2021-22019 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Sergey Gerasimov and George webpentest Noseevich of Solidlab working with Trend Micro Zero Day Initiative for reporting these issues to us.
3o. vCenter Server VAPI multiple denial of service vulnerabilities (CVE-2021-22009)
Description
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service.VMware has evaluated the severity of these issues to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service.
Resolution
To remediate CVE-2021-22009 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Sergey Gerasimov and George webpentest Noseevich of Solidlab working with Trend Micro Zero Day Initiative for reporting these issues to us.
3p. vCenter Server VPXD denial of service vulnerability (CVE-2021-22010)
Description
The vCenter Server contains a denial-of-service vulnerability in VPXD (Virtual Provisioning X Daemon) service. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service.
Resolution
To remediate CVE-2021-22010 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issues does not affect vCenter server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3q. vCenter Server information disclosure vulnerability (CVE-2021-22008)
Description
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service.VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Known Attack Vectors
A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to gain access to sensitive information.
Resolution
To remediate CVE-2021-22008 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Sergey Gerasimov and George webpentest Noseevich of Solidlab working with Trend Micro Zero Day Initiative for reporting this issue to us.
3r. vCenter Server Analytics service denial-of-service Vulnerability (CVE-2021-22020)
Description
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.0.
Known Attack Vectors
Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.
Resolution
To remediate CVE-2021-22020 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
This issue does not affect vCenter Server 6.5.
Acknowledgements
VMware would like to thank George Noseevich (@webpentest) and Sergey Gerasimov of SolidLab LLC for reporting this issue to us.
3s. vCenter Server SSRF vulnerability (CVE-2021-21993)
Description
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3.
Known Attack Vectors
An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.
Resolution
To remediate CVE-2021-21993 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds
None.
Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2021-0020-faq
Notes
None.
Acknowledgements
VMware would like to thank Osama Alaa of Malcrove and vitquay of Vantage Point Security for independently reporting this issue to us.
Response Matrix - vSphere 7.0:
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
vCenter Server | 7.0 | Any | CVE-2021-22005 | critical | ||||
vCenter Server | 7.0 | Any | CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22014, CVE-2021-22015, CVE-2021-22019, CVE-2021-22020 | important | None | |||
vCenter Server | 7.0 | Any | CVE-2021-22011, CVE-2021-22018 | important | None | |||
vCenter Server | 7.0 | Any | CVE-2021-22012, CVE-2021-22013, CVE-2021-22016, CVE-2021-22017 | N/A | N/A | Unaffected | N/A | N/A |
Cloud Foundation (vCenter Server) | 4.x | Any | CVE-2021-22005 | critical | ||||
Cloud Foundation (vCenter Server) | 4.x | Any | CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22014, CVE-2021-22015, CVE-2021-22019, CVE-2021-22020 | important | None | |||
Cloud Foundation (vCenter Server) | 4.x | Any | CVE-2021-22011, CVE-2021-22018 | important | None | |||
Cloud Foundation (vCenter Server) | 4.x | Any | CVE-2021-22012, CVE-2021-22013, CVE-2021-22016, CVE-2021-22017 | N/A | N/A | Unaffected | N/A | N/A |
Response Matrix - vSphere 6.7:
Product | Version | Running On | CVE Identifier | CVSS v3 | Severity | Fixed Version | Workarounds | Additional Documentation |
vCenter Server | 6.7 | Virtual Appliance | CVE-2021-22005 | critical | ||||
vCenter Server | 6.7 | Windows | CVE-2021-22005 | N/A | N/A | Unaffected | N/A | N/A |
vCenter Server | 6.7 | Any | CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22006, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22011, CVE-2021-22016, CVE-2021-22017 | important | None | |||
vCenter Server | 6.7 | Virtual Appliance | CVE-2021-22007, CVE-2021-22015, CVE-2021-22014, CVE-2021-22019, CVE-2021-22020 | important | None | |||
vCenter Server | 6.7 | Windows | CVE-2021-22007, CVE-2021-22014, CVE-2021-22015, CVE-2021-22019, CVE-2021-22020 | N/A | N/A | Unaffected | N/A | N/A |
vCenter Server | 6.7 | Any | CVE-2021-22012, CVE-2021-22013, CVE-2021-22018 | N/A | N/A | Unaffected | N/A | N/A |
Cloud Foundation (vCenter Server) | 3.x | Any | CVE-2021-22005 | critical | ||||
Cloud Foundation (vCenter Server) | 3.x | Any | CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22011, CVE-2021-22014, CVE-2021-22015, CVE-2021-22016, CVE-2021-22017, CVE-2021-22019, CVE-2021-22020 | important | None | |||
Cloud Foundation (vCenter Server) | 3.x | Any | CVE-2021-22012, CVE-2021-22013, CVE-2021-22018 | N/A | N/A | Unaffected | N/A | N/A |
Response Matrix - vSphere 6.5:
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
vCenter Server | 6.5 | Any | CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22008, CVE-2021-22009, CVE-2021-22011, CVE-2021-22017 | important | None | |||
vCenter Server | 6.5 | Virtual Appliance | CVE-2021-22012, CVE-2021-22013, CVE-2021-22014, CVE-2021-22015, CVE-2021-22019 | important | None | |||
vCenter Server | 6.5 | Windows | CVE-2021-22012, CVE-2021-22013, CVE-2021-22014, CVE-2021-22015, CVE-2021-22019 | N/A | N/A | Unaffected | N/A | N/A |
vCenter Server | 6.5 | Any | CVE-2021-22005, CVE-2021-22006, CVE-2021-22007, CVE-2021-22010, CVE-2021-22016, CVE-2021-22018, CVE-2021-22020 | N/A | N/A | Unaffected | N/A | N/A |
4. References
Fixed Version(s) and Release Notes:
vCenter Server 7.0 U2d
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VC70U2D&productId=974&rPId=74352
https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-vcenter-server-70u2d-release-notes.html
vCenter Server 6.7 U3o
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VC67U3O&productId=742&rPId=73667
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-67u3o-release-notes.html
vCenter Server 6.5 U3q
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VC65U3Q&productId=614&rPId=74057
https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u3q-release-notes.html
VMware vCloud Foundation 4.3.1
Downloads and Documentation:
https://docs.vmware.com/en/VMware-Cloud-Foundation/4.3.1/rn/VMware-Cloud-Foundation-431-Release-Notes.html
VMware vCloud Foundation 3.10.2.2
Downloads and Documentation:
https://docs.vmware.com/en/VMware-Cloud-Foundation/3.10.2/rn/VMware-Cloud-Foundation-3102-Release-Notes.html
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21991
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22007
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22020
FIRST CVSSv3 Calculator:
CVE-2021-21991: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-21992: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21993: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-22005: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-22006: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
CVE-2021-22007: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-22008: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-22009: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-22010: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-22011: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H
CVE-2021-22012: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-22013: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-22014: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-22015: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-22016: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-22017: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-22018: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CVE-2021-22019: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-22020: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5. Change Log
2021-09-21 VMSA-2021-0020
Initial security advisory.
2021-09-24 VMSA-2021-0020.1
Updated advisory with an alert that VMware has confirmed reports that CVE-2021-22005 is being exploited in the wild.
6. Contact
E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
E-mail: [email protected]
PGP key at:
VMware Security Advisories
https://www.vmware.com/security/advisories
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
VMware Security & Compliance Blog
https://blogs.vmware.com/security
Copyright 2021 VMware Inc. All rights reserved.