CVE-2021-21973 Vulnerability Analysis & Exploit Details

CVE-2021-21973 Vulnerability Summary

CVE-2021-21973: The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 12.546% (probability of exploit)

EPSS Percentile: 95.56% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 4.439999999999998% of others.

CVE-2021-21973 References

External References

• https://www.vmware.com/security/advisories/VMSA-2021-0002.html
• https://www.vmware.com/security/advisories/VMSA-2021-0002.html

CWE Common Weakness Enumeration

CAPEC Common Attack Pattern Enumeration and Classification

• Server Side Request Forgery CAPEC-664 An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.

Vulnerable Configurations

• cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.0:-:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.0:-:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.10:-:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.10:-:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.10.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.10.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:3.10.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:3.10.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:4.0:-:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:4.0:-:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*
• cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*
  cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2025-3809 – The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and i...
• CVE-2025-2111 – The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This i...
• CVE-2024-13926 – The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags,...
• CVE-2025-3103 – The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon plugin for WordPress is vulnerable to arbitrary file ...
• CVE-2025-3275 – The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider widget in all versions up...