Vulnerability detail
Enriched intelligence for a single CVE
Critical
CVE-2021-21978
PUBLISHEDVMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of...
- Vendor
- VMware
- Product
- VMware View Planner
- Published
- Mar 03, 2021
- EPSS
- —
Automate this intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot sensor data — is available programmatically for VM, SOC, and CTI workflows.
Description
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.
CVSS scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV:N/AC:L/Au:N/C:P/I:P/A:P
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| The Shadowserver (via CIRCL) First | 2025-04-22 00:00 UTC |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_view_planner_4_6_uploadlog_rce.rb | Apr 28, 2025 |
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21978.yaml | Apr 25, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
metasploit · Created Unknown
Metasploit module for CVE-2021-21978
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Proof of Concept Exploit Available
-
Added to KEVIntel
-
Detected by Nuclei
-
Detected by Metasploit