Vulnerabilities > Vmware > Vcenter Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-22016 | Cross-site Scripting vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. | 6.1 |
| 2021-09-23 | CVE-2021-22017 | Unspecified vulnerability in VMWare Vcenter Server 6.7 Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. | 5.3 |
| 2021-09-23 | CVE-2021-22018 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. | 6.5 |
| 2021-09-23 | CVE-2021-22019 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. | 7.5 |
| 2021-09-23 | CVE-2021-22020 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a denial-of-service vulnerability in the Analytics service. | 5.5 |
| 2021-09-23 | CVE-2021-21993 | Server-Side Request Forgery (SSRF) vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. | 6.5 |
| 2021-09-23 | CVE-2021-22005 | Path Traversal vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. | 9.8 |
| 2021-09-23 | CVE-2021-22006 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. | 7.5 |
| 2021-09-23 | CVE-2021-22007 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a local information disclosure vulnerability in the Analytics service. | 5.5 |
| 2021-09-23 | CVE-2021-22008 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. | 7.5 |