Known Exploited Vulnerabilities CVE-2021-22017 Mappings

Rhttproxy, the reverse HTTP proxy used in vCenter Server, contains a vulnerability due to an improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass the proxy and reach internal endpoints that the proxy is supposed to keep off the network.

Mappings

Capability ID: CVE-2021-22017
Capability Description: VMware vCenter Server Improper Access Control
Mapping Type: primary_impact
ATT&CK ID: T1090.001
ATT&CK Name: Internal Proxy (sub-technique of T1090 Proxy)
Comments
Rhttproxy is the reverse proxy that fronts vCenter Server's services on TCP port 443. Its URI normalization is implemented improperly, and when a proxy normalizes URIs incorrectly the path on which it makes its forwarding decision can differ from the path the backend service ultimately resolves. An attacker with network access to port 443 sends a specially crafted request whose raw form appears to target a permitted route; the proxy's check passes and the request is forwarded to an internal endpoint the proxy was meant to hide. The primary impact is therefore that vCenter's own proxy becomes the attacker's route to internal services (T1090.001, Internal Proxy), exposing those endpoints and any sensitive information they return.
References
Capability ID: CVE-2021-22017
Capability Description: VMware vCenter Server Improper Access Control
Mapping Type: exploitation_technique
ATT&CK ID: T1190
ATT&CK Name: Exploit Public-Facing Application
Comments
Rhttproxy listens on TCP port 443, the same port every vCenter client and administrator uses, so the only precondition for exploitation is network reachability to that port: no credentials and no prior foothold are required. Delivering the crafted request that defeats the proxy's URI normalization is therefore an exploit of a public-facing application (T1190). Practitioners should verify that vCenter's port 443 is not reachable from networks that have no business managing it, and confirm that the deployed build carries the fix published in VMware advisory VMSA-2021-0020, which covers this CVE.
References
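To make the normalization mismatch described in both comments above concrete, here is an added Python example. It is not VMware's code and not the CVE-2021-22017 exploit: the prefixes /ui/ and /sdk/, the /internal/admin target, the request strings, the IP addresses and the access-log lines are all constructed for illustration and do not reflect Rhttproxy's real routing rules or the encoding used against vCenter. The block contrasts a proxy allowlist that matches on the raw request target (the vulnerable shape) with the same allowlist applied to a canonicalized path (the hardened shape), and then runs a detection pass over the constructed log lines that flags requests where the two decisions disagree, which is the signal a defender would hunt for on port 443.

```python
"""Added example: how a reverse proxy's allowlist can be bypassed when it
decides on the raw URI but the backend routes on a normalized one.
Paths, prefixes, IPs and log lines are constructed for illustration; they
are not vCenter's real routes and this is not the CVE-2021-22017 exploit."""
import posixpath
import re
from typing import Optional
from urllib.parse import unquote, urlsplit

# Hypothetical policy: only these prefixes may be reached from the public port.
PUBLIC_PREFIXES = ("/ui/", "/sdk/")


def normalize(raw_target: str) -> str:
    """Canonical path as a typical backend resolves it before dispatch:
    drop query/fragment, percent-decode twice (catches %252e), collapse
    runs of '/', and resolve '.' and '..' segments."""
    path = urlsplit(raw_target).path or "/"
    path = unquote(unquote(path))
    path = re.sub(r"/+", "/", path)
    if not path.startswith("/"):
        path = "/" + path
    trailing = path.endswith("/")
    path = posixpath.normpath(path)
    if trailing and path != "/":
        path += "/"
    return path


def _under(path: str, prefix: str) -> bool:
    """True if path is the prefix itself or lies below it."""
    return path == prefix.rstrip("/") or path.startswith(prefix)


def naive_is_public(raw_target: str) -> bool:
    """Vulnerable check: prefix-matches the raw request target, so
    '/ui/../internal/x' and '/ui/%2e%2e/internal/x' both look allowed."""
    return any(raw_target.startswith(p) for p in PUBLIC_PREFIXES)


def hardened_is_public(raw_target: str) -> bool:
    """Fixed check: decide on the same canonical path the backend will use."""
    return any(_under(normalize(raw_target), p) for p in PUBLIC_PREFIXES)


def route(raw_target: str, is_public) -> Optional[str]:
    """Backend path the proxy forwards to under the given check, or None
    when the proxy refuses the request."""
    return normalize(raw_target) if is_public(raw_target) else None


# Constructed request targets: one legitimate, several that slip past the
# naive check via traversal or encoding, and one that both checks block.
REQUESTS = (
    "/ui/login",
    "/ui/../internal/admin",
    "/ui/%2e%2e/internal/admin",
    "/ui/%252e%252e/internal/admin",
    "/ui//..//internal/admin",
    "/internal/admin",
)


def compare(requests=REQUESTS) -> dict:
    """Map each target to (naive backend path, hardened backend path)."""
    return {r: (route(r, naive_is_public), route(r, hardened_is_public))
            for r in requests}


# Constructed access-log lines in a common combined-log shape.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2023:10:00:00 +0000] "GET /ui/login HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2023:10:00:01 +0000] "GET /ui/%2e%2e/internal/admin HTTP/1.1" 200 88
10.0.0.9 - - [01/Jan/2023:10:00:02 +0000] "GET /sdk/vimService HTTP/1.1" 200 1024
"""
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) \S+" (\d{3})')


def suspicious_requests(log_text: str = SAMPLE_LOG) -> list:
    """Detection: flag requests a raw-prefix proxy would forward although
    their canonical path leaves the public prefixes. Returns (src, raw, canonical)."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        src, _method, target, _status = m.groups()
        if naive_is_public(target) and not hardened_is_public(target):
            hits.append((src, target, normalize(target)))
    return hits


if __name__ == "__main__":
    for raw, (naive, hard) in compare().items():
        print(f"{raw:32} naive->{naive!s:18} hardened->{hard}")
    print("suspicious:", suspicious_requests())
```

The design point is that the hardened check and the backend must agree on one canonical form before any allow or deny decision is made; a proxy that compares raw bytes against a prefix list while the service behind it decodes and resolves the path will always leave a gap of exactly the kind this CVE describes. The same normalize() used for the decision is reused by suspicious_requests() so that detection and enforcement cannot drift apart.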