CVE-2021-22006: 
vSphere vCenter Server vulnerability analysis and mitigation

CVE-2021-22006 is a reverse proxy bypass vulnerability affecting VMware vCenter Server. The vulnerability exists due to the way the endpoints handle the URI and was disclosed in September 2021. The vulnerability affects VMware vCenter Server versions 6.7 and 7.0, but does not affect version 6.5. VMware has evaluated this vulnerability to be in the Important severity range with a CVSS v3.1 base score of 8.3 (VMware Advisory).

The vulnerability exists in the vCenter Server's endpoint handling mechanism where it fails to properly handle URI requests, allowing for reverse proxy bypass. The vulnerability has been assigned a CVSS v3.1 base score of 8.3, indicating a high severity level. The vulnerability specifically affects the server's handling of requests on port 443 (VMware Advisory).

A successful exploitation of this vulnerability allows a malicious actor with network access to port 443 on vCenter Server to access restricted endpoints. This could potentially lead to unauthorized access to sensitive system resources and compromise the security of the affected system (VMware Advisory).

VMware has released patches to address this vulnerability. Affected users should upgrade to the following versions: vCenter Server 7.0 users should upgrade to version 7.0 U2c, and vCenter Server 6.7 users should upgrade to version 6.7 U3o. No workarounds are available for this vulnerability, making patch application the only effective mitigation strategy (VMware Advisory).