Check Point Reference: |
CPAI-2021-2091 |
Date Published: |
28 Jan 2024 |
Severity: |
Medium
|
Last Updated: |
Sunday 28 January, 2024 |
Source: |
|
Industry Reference: | CVE-2021-21973
|
Protection Provided by: |
Security Gateway R81, R80, R77, R75 |
Who is Vulnerable? | VMware Cloud Foundation 3.0 and later, prior to 3.10.1.2 VMware Cloud Foundation 4.0 and later, prior to 4.2 VMware VCenter Server 6.5 VMware vCenter Server 6.5 Update A VMware vCenter Server 6.5 Update B VMware vCenter Server 6.5 Update C VMware vCenter Server 6.5 Update D VMware vCenter Server 6.5 Update E VMware vCenter Server 6.5 Update F VMware vCenter Server 6.5 Update 1d VMware vCenter Server 6.5 Update 1e VMware vCenter Server 6.5 Update 1g VMware vCenter Server 6.5 Update 2 VMware vCenter Server 6.5 Update 2b VMware vCenter Server 6.5 Update 2c VMware vCenter Server 6.5 Update 2d VMware vCenter Server 6.5 Update 2g VMware vCenter Server 6.5 Update 3 VMware vCenter Server 6.5 Update 3d VMware vCenter Server 6.5 Update 3f VMware vCenter Server 6.5 Update 3k VMWare vCenter Server 6.7 VMWare vCenter Server 6.7 a VMWare vCenter Server 6.7 b VMWare vCenter Server 6.7 d VMware vCenter Server 6.7 Update 1 VMware vCenter Server 6.7 Update 1b VMware vCenter Server 6.7 Update 2 VMware vCenter Server 6.7 Update 2a VMware vCenter Server 6.7 Update 2c VMware vCenter Server 6.7 Update 3 VMware vCenter Server 6.7 Update 3a VMware vCenter Server 6.7 Update 3b VMware vCenter Server 6.7 Update 3f VMware vCenter Server 6.7 Update 3g VMware vCenter Server 6.7 Update 3j VMWare vCenter Server 7.0 VMWare vCenter Server 7.0a VMWare vCenter Server 7.0b VMWare vCenter Server 7.0c VMWare vCenter Server 7.0d VMware vCenter Server 7.0 Update 1 VMware vCenter Server 7.0 Update 1a |
Vulnerability Description |
A server-side request forgery vulnerability exists in multiple VMware products. Successful exploitation of this vulnerability could allow an attacker to access internal resources. |