| Vulnerability Name: | CVE-2021-21981 (CCN-200183) | ||||||||||||
| Assigned: | 2021-04-19 | ||||||||||||
| Published: | 2021-04-19 | ||||||||||||
| Updated: | 2021-04-22 | ||||||||||||
| Summary: | VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level. | ||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-269 | ||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-21981 Source: XF Type: UNKNOWN vmware-cve202121981-priv-esc(200183) Source: CCN Type: VMware Security Advisory VMSA-2021-0006 VMware NSX-T updates address a privilege escalation vulnerability (CVE-2021-21981) Source: MISC Type: Patch, Vendor Advisory https://www.vmware.com/security/advisories/VMSA-2021-0006.html | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||