CVE-2021-21973

VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure. Vendor/Product: VMware vCenter Server and Cloud Foundation. Added to CISA KEV 2022-03-07; required action: Apply updates per vendor instructions.