Unauthenticated API Endpoint Vulnerability in vCenter Server Content Library Allows Unauthorized VM Network Setting Manipulation

Unauthenticated API Endpoint Vulnerability in vCenter Server Content Library Allows Unauthorized VM Network Setting Manipulation

CVE-2021-22011 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.

Learn more about our Cis Benchmark Audit For Server Software.