{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-22015","assignerOrgId":"dcf2e128-44bd-42ed-91e8-88f912c1401d","assignerShortName":"vmware","dateUpdated":"2024-08-03T18:30:23.928Z","dateReserved":"2021-01-04T00:00:00.000Z","datePublished":"2021-09-23T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"dcf2e128-44bd-42ed-91e8-88f912c1401d","shortName":"vmware","dateUpdated":"2022-12-06T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance."}],"affected":[{"vendor":"n/a","product":"VMware vCenter Server, VMware Cloud Foundation","versions":[{"version":"VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)","status":"affected"}]}],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2021-0020.html"},{"url":"http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Multiple local privilege escalation vulnerabilities"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T18:30:23.928Z"},"title":"CVE Program Container","references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2021-0020.html","tags":["x_transferred"]},{"url":"http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html","tags":["x_transferred"]}]}]}}