CVE-2021-21980

Name of the Vulnerable Software and Affected Versions vSphere Web Client (FLEX/Flash) (affected versions not specified)

Description The vSphere Web Client contains an unauthorized arbitrary file read issue. A malicious actor with network access to port 443 on vCenter Server may exploit this to gain access to sensitive information by sending a specially crafted HTTP request. This issue may allow an attacker to read arbitrary files, potentially leading to unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.