CVE-2021-21985: VMware vCenter Server Improper Input Validation

VMware vCenter Server Improper Input Validation Vulnerability. VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.

• CISA KEV-listed (remediation due 2021-11-17)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Browse the CVE database

Read the full analysis on IntelFusions