{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T08:15:02.406","vulnerabilities":[{"cve":{"id":"CVE-2021-22042","sourceIdentifier":"security@vmware.com","published":"2022-02-16T17:15:10.537","lastModified":"2024-11-21T05:49:29.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user."},{"lang":"es","value":"VMware ESXi contiene una vulnerabilidad de acceso no autorizado debido a que VMX presenta acceso a los tickets de autorización de settingsd. Un actor malicioso con privilegios sólo dentro del proceso VMX, puede ser capaz de acceder al servicio settingsd que es ejecutado como un usuario con altos privilegios"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndExcluding":"4.4","matchCriteriaId":"DBED072F-DE79-41C6-AD4F-02E10BD27FBD"},{"vulnerable":true,"criteria":"cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*","matchCriteriaId":"2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9"},{"vulnerable":true,"criteria":"cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*","matchCriteriaId":"D3E3A02D-6C1E-4DE8-B845-60F53C056F32"},{"vulnerable":true,"criteria":"cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*","matchCriteriaId":"4ADC3CFF-7415-46A5-817A-2F053B261E8C"}]}]}],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2022-0004.html","source":"security@vmware.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.vmware.com/security/advisories/VMSA-2022-0004.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}