mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-13 01:44:43 +02:00
0xMarcio
1.1 KiB
1.1 KiB
CVE-2021-22048
Description
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.
POC
Reference
- http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html
- http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html
- http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html
- http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html