Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2021-22017 | VMware vCenter Server Improper Access Control | primary_impact | T1090.001 | Internal Proxy |
Comments
The vulnerability in Rhttproxy within VMware's vCenter Server arises from an improper implementation of URI normalization. Attackers with network access to port 443 on the vCenter Server exploit this flaw by sending specially crafted requests, allowing them to bypass the proxy mechanism. This exploitation grants unauthorized access to internal endpoints, potentially exposing sensitive information.
References
|
CVE-2021-22017 | VMware vCenter Server Improper Access Control | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
The vulnerability in Rhttproxy within VMware's vCenter Server arises from an improper implementation of URI normalization. Attackers with network access to port 443 on the vCenter Server exploit this flaw by sending specially crafted requests, allowing them to bypass the proxy mechanism. This exploitation grants unauthorized access to internal endpoints, potentially exposing sensitive information.
References
|