CVE-2021-26987: Code Injection

March 15, 2021 (updated March 22, 2021)

SpringBoot Framework is susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services and Management Node contain vulnerable versions of SpringBoot Framework.

References

nvd.nist.gov/vuln/detail/CVE-2021-26987
security.netapp.com/advisory/ntap-20210315-0001/

Detect and mitigate CVE-2021-26987 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →