CVE-2021-21973β€”VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability

PUBLISHEDvulnerability record
2022-03-07 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2021-21973
Project:
VMware
Product:
vCenter Server and Cloud Foundation
Date Added:
2022-03-07
Due Date:
2022-03-21
Last Updated:
June 21, 2025

Vulnerability Name

VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability

Description

VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses