CVE-2021-21973βVMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability
PUBLISHEDvulnerability record
2022-03-07 Β· last modified June 21, 2025
Metadata
Vulnerability Name
VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability
Description
VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
Known To Be Used in Ransomware Campaigns?
Action
Apply updates per vendor instructions.