Unauthenticated Appliance Management API in vCenter Server Allows Information Disclosure
CVE-2021-22012 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Learn more about our Cis Benchmark Audit For Server Software.