Is CVE-2021-22006 known to be exploited?

12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Vmware Vcenter Server, Cloud Foundation

CVE-2021-22006

The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints.

EPSS: 0.573 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a Vmware Vcenter Server, Cloud Foundation — versions VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)

Public proof-of-concept exploits

CrackerCat/CVE-2021-22006
12442RF/Learn
20142995/nuclei-templates
34zY/APT-Backpack
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
cyb3r-w0lf/nuclei-template-collection
k0mi-tg/CVE-POC
manas3c/CVE-POC
nomi-sec/PoC-in-GitHub

References

www.vmware.com/security/advisories/VMSA-2021-0020.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-22006?: CVE-2021-22006 is a vulnerability in Vmware Vcenter Server, Cloud Foundation. Published 2021-09-23.
Is CVE-2021-22006 known to be exploited?: 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.