CVE-2022-21980

Vulnerability Profile Updated 3 months ago
Download STIX
Preview STIX
CVE-2022-21980 is a vulnerability in VMware's vCenter Server. The flaw allows an attacker to execute arbitrary code with elevated privileges on affected systems. This could allow an attacker to gain complete control over the targeted system, compromise sensitive data, or launch further attacks against other systems within the network. The vulnerability was discovered and reported to VMware by security researchers at Positive Technologies. It received a CVSSv3 score of 9.8 out of 10, indicating a critical severity level. VMware released a patch for the vulnerability on March 3, 2022, with a recommendation that users should apply the patch as soon as possible. As with any software vulnerability, prompt action is necessary to mitigate the risk of exploitation. Organizations that use vCenter Server should ensure that they have applied the security patch provided by VMware. Additionally, it is recommended that organizations regularly monitor their IT infrastructure for any signs of unauthorized access or suspicious activity, and implement security best practices such as least privilege access, network segmentation, and strong password policies to reduce the risk of a successful attack.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-21980 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards