CVE-2021-22013

Name of the Vulnerable Software and Affected Versions vCenter Server (affected versions not specified)

Description The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information by sending a specially crafted HTTP request. This vulnerability is related to insufficient directory path checking in the vCenter Server Appliance Management Interface (VAMI), allowing unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.