CVE-2021-21985

Description from NVD

The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

Information Acquisition Date:2021-06-30T16:40Z
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://www.vmware.com/security/advisories/VMSA-2021-0010.html
     source:MISC
     tags:Vendor Advisory    
 http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html
     source:MISC
     tags:Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: VMware(1 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...226
https://lnk124
https://lists.astaro.com/ASGV9-IPS-rules.html25
http://twinybots.ch24
http://t.me/gobies9
https://github.com/alt3kx/CVE-2021-21985_PoC9
https://www.iswin.org/2021/06/02/Vcenter-Server-CVE-2021-21...9
https://bit.ly/3uDQtB48
https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985#rap...5
https://www.vmware.com/security/advisories/VMSA-2021-0010.html5
https://securityaffairs.co/wordpress/118271/security/vmware...5
https://www.helpnetsecurity.com/2021/05/26/cve-2021-21985/5
https://y4y.space/2021/06/04/learning-jndi-injection-from-c...4
https://twitter.com/TheHackersNews/status/13974172686575411224
http://noahblog.360.cn/vcenter-cve-2021-2021-21985/4
https://www.jpcert.or.jp/at/2021/at210025.html4
https://ipssignatures.appspot.com/?cve=CVE-2021-219854
https://threatpost.com/vmware-ransomware-alarm-critical-bug...3
https://arstechnica.com/gadgets/2021/05/vulnerability-in-vm...3
https://www.tenable.com/blog/cve-2021-21985-critical-vmware...3
https://blogs.vmware.com/vsphere/2021/05/vmsa-2021-0010.html3
https://thehackernews.com/2021/05/critical-rce-vulnerabilit...3
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-...3
https://www.proofpoint.com/us/daily-ruleset-update-summary-...3
https://testbnull.medium.com/a-quick-look-at-cve-2021-21985...3
https://www.securityweek.com/attacks-exploiting-vmware-vsph...3
https://www.bleepingcomputer.com/news/security/vmware-warns...3
https://www.virtualizationhowto.com/2021/06/vmware-vcenter-...3

Information from Twitter

User URL Info Source Date
san28704295 http://iswin.org/2021/06/02/Vce Source san28704295      1628355251429580802 2023/02/22
san28704295 http://github.com/xnianq/cve-202 Source san28704295      1628355251429580802 2023/02/22
san28704295 https://twitter.com/san28704295/status/1628355251429580802/... Source san28704295      1628355251429580802 2023/02/22

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com226
lnk124
lists.astaro.com25
twinybots.ch24
t.me9
github.com9
www.iswin.org9
bit.ly8
attackerkb.com5
www.vmware.com5
securityaffairs.co5
www.helpnetsecurity.com5
y4y.space4
twitter.com4
noahblog.360.cn4
www.jpcert.or.jp4
ipssignatures.appspot.com4
threatpost.com3
arstechnica.com3
www.tenable.com3
blogs.vmware.com3
thehackernews.com3
www.trustwave.com3
www.proofpoint.com3
testbnull.medium.com3
www.securityweek.com3
www.bleepingcomputer.com3
www.virtualizationhowto.com3

Information from Twitter

User URL Info Source
san28704295 iswin.org Show Tweet
san28704295 github.com Show Tweet
san28704295 twitter.com Show Tweet
GitHub Search Results: Up to 10
NameURL
r0ckysec/CVE-2021-21985 https://github.com/r0ckysec/CVE-2021-21985
xnianq/cve-2021-21985_exp https://github.com/xnianq/cve-2021-21985_exp
alt3kx/CVE-2021-21985_PoC https://github.com/alt3kx/CVE-2021-21985_PoC
testanull/Project_CVE-2021-21985_PoC https://github.com/testanull/Project_CVE-2021-21985_PoC
onSec-fr/CVE-2021-21985-Checker https://github.com/onSec-fr/CVE-2021-21985-Checker
daedalus/CVE-2021-21985 https://github.com/daedalus/CVE-2021-21985
bigbroke/CVE-2021-21985 https://github.com/bigbroke/CVE-2021-21985
mauricelambert/CVE-2021-21985 https://github.com/mauricelambert/CVE-2021-21985
GitHub Search Results: Up to 10
NameURL
r0ckysec/CVE-2021-21985 github.com
xnianq/cve-2021-21985_exp github.com
alt3kx/CVE-2021-21985_PoC github.com
testanull/Project_CVE-2021-21985_PoC github.com
onSec-fr/CVE-2021-21985-Checker github.com
daedalus/CVE-2021-21985 github.com
bigbroke/CVE-2021-21985 github.com
mauricelambert/CVE-2021-21985 github.com
2023/02/22 Score : 0
Added Har-sia Database : 2021/05/26
Last Modified : 2023/02/22
Highest Scored Date : 2021/06/05
Highest Score : 92