Remember the 2 critical vulnerabilities for VMware earlier at https://myseq.blogspot.com/2021/06/two-critical-vulnerabilties-at-vsphere.html
Here's the update:
$ ./kvi-cli.py -v cve 2021-21985 2021-21986 -z
[*] Searching cve-[['2021-21985', '2021-21986']] vulnerability definitions within Kenna.VI+....
[ CVE Description ]
[*] CVE_ID : CVE-2021-21985
[_] Desc : The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
[ Kenna.VM Summary ]
[*] Vuln Risk : 92.7286
[*] Easily_Exploit : True
[*] Malware_Exploit : False
[*] Popular_Target : False
[*] Active_Internet_Breach : True
[ Kenna.VI+ ]
[*] Successful_Exploitations : 1
[*] Velocity (D/W/M) : 0/0/1
[*] Daily_Trend : holding
[*] Pre_NVD : True [_FALSE_]
[*] RCE : [_TRUE_] False
[*] Predicted_Exploitable : 1 (0.3460% confidence)
[ Kenna.VI+ Details ]
[_] Created_at : 2021-01-04T23:00:01Z
[_] Published : 2021-05-26T15:15:00Z
[_] Last_Modified : 2021-06-03T14:19:00Z
[ Links / References ]
[*] Malware sample : 0
[_] Exploits/POC [1]:
[ --> ] created_at : 2021-06-05T15:00:00Z
[ --> ] external_id : kenna.CVE-2021-21985
[ --> ] name : CVE-2021-21985: Vcenter Server CVE-2021-21985 RCE PAYLOAD
[ --> ] source : kenna
[ --> ] url : https://www.iswin.org/2021/06/02/Vcenter-Server-CVE-2021-21985-RCE-PAYLOAD/
[_] Fixes [5]:
[ --> ] external_id : 216260
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-05-26T13:34:51Z
[ --> ] external_id : 216261
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-05-26T13:34:51Z
[ --> ] external_id : 216259
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-05-26T13:34:51Z
[ --> ] external_id : vmsa-2021-0010-cve-2021-21985-vcenter
[ --> ] url : None
[ --> ] product : None
[ --> ] published_at : 2021-05-25T00:00:00Z
[ --> ] external_id : 730102
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-06-03T23:50:38Z
[_] Threat Actors [0]:
[ --> ] None
[ CVSS2 / CVSS3 Details ]
| Impact | | | CVSS_Access
================+==========+===+================+==============
Availability | Complete | | Complexity | Low
Confidentiality | Complete | | Vector | Network
Integrity | Complete | | Authentication | None required
| CVSS_V2 | CVSS_V3
==============+=========+========
Base Score | 10.000 | 9.800
Exploit_Score | 10.000 | 3.900
Impact_Score | 10.000 | 5.900
Temporal | 7.400 | None
[*] CVSS v2 vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C
[*] CVSS v3 vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
[ Others ]
[*] Vulnerable Products [55] :
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:1b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:1c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u2c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u2a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u2:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u1b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1e:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1g:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2g:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3f:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3k:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3n:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3f:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3g:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3j:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3l:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u2:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u2a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3m:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
[ CVE Malware Family Info : None ]
[ CVE History : CVE-2021-21985 ]
[*] ID : 2931038
[*] Vuln Risk Score : 93
[*] History : 2
[**] changed_at : 2021-05-26T04:13:12.000Z
[**] from : 25
[**] to : 37
[**] changed_at : 2021-06-06T04:04:24.000Z
[**] from : 37
[**] to : 93
[ CVE Description ]
[*] CVE_ID : CVE-2021-21986
[_] Desc : The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication.
[ Kenna.VM Summary ]
[*] Vuln Risk : 37.0796
[*] Easily_Exploit : False
[*] Malware_Exploit : False
[*] Popular_Target : False
[*] Active_Internet_Breach : False
[ Kenna.VI+ ]
[*] Successful_Exploitations : 0
[*] Velocity (D/W/M) : 0/0/0
[*] Daily_Trend : holding
[*] Pre_NVD : True [_FALSE_]
[*] RCE : True [_FALSE_]
[*] Predicted_Exploitable : 0 (0.1303% confidence)
[ Kenna.VI+ Details ]
[_] Created_at : 2021-01-04T23:00:01Z
[_] Published : 2021-05-26T15:15:00Z
[_] Last_Modified : 2021-06-03T14:19:00Z
[ Links / References ]
[*] Malware sample : 0
[_] Exploits/POC [0]:
[ --> ] None
[_] Fixes [4]:
[ --> ] external_id : 216260
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-05-26T13:34:51Z
[ --> ] external_id : 216261
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-05-26T13:34:51Z
[ --> ] external_id : 216259
[ --> ] url : https://www.vmware.com/security/advisories/VMSA-2021-0010.html
[ --> ] product : vcenter
[ --> ] published_at : 2021-05-26T13:34:51Z
[ --> ] external_id : vmsa-2021-0010-cve-2021-21986-vcenter
[ --> ] url : None
[ --> ] product : None
[ --> ] published_at : 2021-05-25T00:00:00Z
[_] Threat Actors [0]:
[ --> ] None
[ CVSS2 / CVSS3 Details ]
| Impact | | | CVSS_Access
================+==========+===+================+==============
Availability | Complete | | Complexity | Low
Confidentiality | Complete | | Vector | Network
Integrity | Complete | | Authentication | None required
| CVSS_V2 | CVSS_V3
==============+=========+========
Base Score | 10.000 | 9.800
Exploit_Score | 10.000 | 3.900
Impact_Score | 10.000 | 5.900
Temporal | 7.400 | None
[*] CVSS v2 vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C
[*] CVSS v3 vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
[ Others ]
[*] Vulnerable Products [55] :
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:1b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:1c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u2c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u2a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u2:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u1b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1e:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u1g:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u2g:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3f:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3k:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.5:u3n:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3b:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3f:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3g:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3j:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1c:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u1d:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3l:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u2:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:7.0:u2a:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:vcenter_server:6.7:u3m:*:*:*:*:*:*
[ --> ] cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
[ CVE Malware Family Info : None ]
[ CVE History : CVE-2021-21986 ]
[*] ID : 2931039
[*] Vuln Risk Score : 37
[*] History : 3
[**] changed_at : 2021-05-26T04:13:12.000Z
[**] from : 25
[**] to : 30
[**] changed_at : 2021-05-27T04:16:24.000Z
[**] from : 30
[**] to : 44
[**] changed_at : 2021-06-04T04:19:46.000Z
[**] from : 44
[**] to : 37
[ High_Profile_Vulnerability ]
[!!!] CVE-2021-21985 (92.7286) : ['hpv_exploited', 'hpv_poc']
[!!!] CVE-2021-21986 (37.0796) : []
** [5] threads completed [6 tasks] / [11.54 KB] within [4.85 sec].