CVE-2021-22017
70Vexday Risk Score
Patch now. It under exploitation confirmed by CISA and has a working public exploit.
ssvc Actcvss 5.3epss 48%
from disclosure to weapon
Published on NVDSep 23
CISA KEV+109d
exploitation probability
48%top 1% of all CVEs
observed exploitation
yesCISA + VulnCheck
Action required by CISAfederal deadline: 2022-01-24
Apply updates per vendor instructions.
In short
vCenter Server's Rhttproxy doesn't properly normalize web addresses, allowing an attacker on the network to bypass the proxy and access internal systems that should be protected.
Technical detail
The vulnerability exploits improper URI normalization in Rhttproxy to bypass proxy controls on vCenter Server port 443, enabling an unauthenticated network attacker to reach internal endpoints that would normally be restricted, with CVSS 5.3 indicating moderate confidentiality impact.
Summary generated and translated by AI from the official description.
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
n/a · VMware vCenter Server, VMware Cloud Foundation