Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2021-22005

VMware vCenter Server File Upload Vulnerability

High

Description

VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.

Scores & Signals

EPSS score 0.9446 (100.0th percentile)
CISA KEV Yes — actively exploited (added 2021-11-03) · due 2021-11-17
Affected VMware vCenter Server

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.