The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cloud_foundation | Vmware | 3.0 (including) | 5.0 (excluding) |
Vcenter_server | Vmware | 6.7 (including) | 6.7 (including) |
Vcenter_server | Vmware | 7.0 (including) | 7.0 (including) |