Exploit for CVE-2021-21983

CVE-2021-21975 VMware vRealize Operations vROps Manager API...

Veritas InfoScale Operations Manager路径遍历漏洞

Veritas Infoscale Operations Manager is a suite of software from Veritas USA for the management of entire InfoScale deployments. Veritas InfoScale Operations Manager is vulnerable to a path traversal vulnerability in the web server admin/cgi-bin/rulemgr.pl/getfile/, which is caused by a lack of...

Veritas Infoscale Operations Manager跨站脚本漏洞

Veritas Infoscale Operations Manager is a suite of software from Veritas, Inc. for the management of entire InfoScale deployments. A cross-site scripting vulnerability exists in Veritas InfoScale Operations Manager, which stems from a lack of filtering and escaping of user-submitted parameters in...

CVE-2022-26484

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

CVE-2022-26483

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...

CVE-2022-26483

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...

Directory traversal

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

CVE-2022-26484

Veritas InfoScale Operations Manager (VIOM) is affected by CVE-2022-26484. The issue is a directory traversal vulnerability in the web server’s admin/cgi-bin/rulemgr.pl/getfile/ path, enabling a remote authenticated administrator to read arbitrary files on the system by manipulating resource name...

CVE-2022-26484

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

CVE-2022-26483

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting XSS vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP...

CVE-2022-26483

Veritas InfoScale Operations Manager (VIOM) is affected by CVE-2022-26483. A reflected cross-site scripting (XSS) vulnerability exists in admin/cgi-bin/listdir.pl that allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter due to insufficient ...

Veritas InfoScale Operations Manager路径遍历漏洞

Veritas Infoscale Operations Manager is a suite of software from Veritas USA for the management of entire InfoScale deployments. Veritas InfoScale Operations Manager is vulnerable to a path traversal vulnerability in the web server admin/cgi-bin/rulemgr.pl/getfile/, which is caused by a lack of...

VMware vRealize Operations Manager API Server Side Request Forgery (CVE-2021-21975)

A sever-side request forgery vulnerability exists in VMware vRealize Operations Manager. Successful exploitation of this vulnerability could possibly lead to an attacker accessing administrative credentials...

VMware vRealize Operations Manager Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)

Binary data vmwarevrealizeoperationsmanagerlog4shell.nbin...

VMware Server Side Request Forgery in vRealize Operations Manager API

Server Side Request Forgery SSRF in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials...

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

CVE-2021-40096

A cross-site scripting XSS vulnerability in integration configuration in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via modification of the authorisationUrl in some integration configurations...

SquaredUp跨站脚本漏洞

A cross-site scripting vulnerability exists in the integration configuration of SquaredUp for SCOM version 5.2.1.6654, which could be exploited by remote attackers to inject arbitrary web scripts or HTML...