Enhancement: cves/2021/CVE-2021-22005.yaml by mp

cves/2021/CVE-2021-22005.yaml

@@ -1,15 +1,15 @@
 id: CVE-2021-22005
 
 info:
-  name: VMware vCenter Server file upload vulnerability
+  name: VMware vCenter Server - Arbitrary File Upload
   author: PR3R00T
   severity: critical
-  description: The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3
+  description: VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
-    base score of 9.8.
   reference:
     - https://kb.vmware.com/s/article/85717
     - https://www.vmware.com/security/advisories/VMSA-2021-0020.html
     - https://core.vmware.com/vmsa-2021-0020-questions-answers-faq
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-22005
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -39,3 +39,5 @@ requests:
           - "contains(body_1, 'VMware vSphere')"
           - "content_length_2 == 0"
         condition: and
+
+# Enhanced by mp on 2022/05/05