Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.
References
Link | Resource |
---|---|
https://security.netapp.com/advisory/ntap-20210315-0001/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
07 Apr 2022, 15:02
Type | Values Removed | Values Added |
---|---|---|
First Time |
Vmware spring Boot
Vmware |
|
CPE | cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:* |
22 Mar 2021, 14:01
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210315-0001/ - Vendor Advisory | |
CPE | cpe:2.3:a:netapp:element_plug-in_for_vcenter_server:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:*:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:spring_boot:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo |
15 Mar 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-15 22:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-26987
Mitre link : CVE-2021-26987
CVE.ORG link : CVE-2021-26987
JSON object : View
Products Affected
vmware
- spring_boot
netapp
- element_plug-in_for_vcenter_server
- solidfire_\&_hci_management_node
- management_services_for_element_software_and_netapp_hci
CWE