cve/2021/CVE-2021-22014.md

### [CVE-2021-22014](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22014)
![](https://img.shields.io/static/v1?label=Product&message=VMware%20vCenter%20Server%2C%20VMware%20Cloud%20Foundation&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Authenticated%20code%20execution%20vulnerability&color=brighgreen)

### Description

The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.

### POC

#### Reference
- https://www.vmware.com/security/advisories/VMSA-2021-0020.html

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2021-22014](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22014)`
			`![](https://img.shields.io/static/v1?label=Product&message=VMware%20vCenter%20Server%2C%20VMware%20Cloud%20Foundation&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Authenticated%20code%20execution%20vulnerability&color=brighgreen)`

			`### Description`

			`The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.`

			`### POC`

			`#### Reference`
			`- https://www.vmware.com/security/advisories/VMSA-2021-0020.html`

			`#### Github`
			`No PoCs found on GitHub currently.`