CVE-2021-22017 - Vulnerability Details - OpenCVE

Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is in the KEV database since Jan. 10, 2022.

Exploitation active

Automatable yes

Technical Impact partial

Vendors	Products
Vmware	Vcenter Server

Configuration 1 [-]

cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.vmware.com/security/advisories/VMSA-2021-0020.html

History

Wed, 29 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-01-10'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2021-09-23T12:13:01.000Z

Updated: 2025-01-29T17:55:15.936Z

Reserved: 2021-01-04T00:00:00.000Z

Link: CVE-2021-22017

Vulnrichment

Updated: 2024-08-03T18:30:23.942Z

NVD

Status : Modified

Published: 2021-09-23T13:15:08.207

Modified: 2025-01-29T18:15:39.913

Link: CVE-2021-22017

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "VMware vCenter Server, VMware Cloud Foundation", "vendor": "n/a", "versions": [{"status": "affected", "version": "VMware vCenter Server(6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation 3.x before 3.10.2.2"}]}], "descriptions": [{"lang": "en", "value": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed."}], "problemTypes": [{"descriptions": [{"description": "Rhttpproxy bypass vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-09-23T12:13:01.000Z", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2021-22017", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware vCenter Server, VMware Cloud Foundation", "version": {"version_data": [{"version_value": "VMware vCenter Server(6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation 3.x before 3.10.2.2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Rhttpproxy bypass vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html", "refsource": "MISC", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:30:23.942Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-29T17:54:48.927818Z", "id": "CVE-2021-22017", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-01-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-22017"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T17:55:15.936Z"}}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2021-22017", "datePublished": "2021-09-23T12:13:01.000Z", "dateReserved": "2021-01-04T00:00:00.000Z", "dateUpdated": "2025-01-29T17:55:15.936Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:30:23.942Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-22017", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-29T17:54:48.927818Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-01-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-22017"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T17:54:37.928Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "VMware vCenter Server, VMware Cloud Foundation", "versions": [{"status": "affected", "version": "VMware vCenter Server(6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation 3.x before 3.10.2.2"}]}], "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Rhttpproxy bypass vulnerability"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2021-09-23T12:13:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "VMware vCenter Server(6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation 3.x before 3.10.2.2"}]}, "product_name": "VMware vCenter Server, VMware Cloud Foundation"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html", "name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Rhttpproxy bypass vulnerability"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-22017", "STATE": "PUBLIC", "ASSIGNER": "security@vmware.com"}}}}, "cveMetadata": {"cveId": "CVE-2021-22017", "state": "PUBLISHED", "dateUpdated": "2025-01-29T17:55:15.936Z", "dateReserved": "2021-01-04T00:00:00.000Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2021-09-23T12:13:01.000Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-01-24", "cisaExploitAdd": "2022-01-10", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "VMware vCenter Server Improper Access Control", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*", "matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed."}, {"lang": "es", "value": "Rhttproxy, tal y como se usa en vCenter Server, contiene una vulnerabilidad debido a una implementaci\u00f3n inapropiada de la normalizaci\u00f3n de URI. Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema para omitir el proxy, conllevando a un acceso a endpoints internos"}], "id": "CVE-2021-22017", "lastModified": "2025-01-29T18:15:39.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-09-23T13:15:08.207", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}