logo
DATABASE RESOURCES PRICING ABOUT US

VMware vRealize Operations updates address Server Side Request Forgery and Arbitrary File Write vulnerabilities (CVE-2021-21975, CVE-2021-21983)

Description

3a. Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) The vRealize Operations Manager API contains a Server Side Request Forgery. VMware has evaluated this issue to be of 'Important' severity with a maximum CVSSv3 base score of 8.6. 3b. Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) The vRealize Operations Manager API contains an arbitrary file write vulnerability. VMware has evaluated this issue to be of 'Important' severity with a maximum CVSSv3 base score of 7.2.


Affected Software


CPE Name Name Version
vrealize operations manager 8.4.0
vrealize operations manager 8.3.0
vrealize operations manager 8.2.0
vrealize operations manager 8.1.1
vrealize operations manager 8.1.0
vrealize operations manager 8.0.1
vrealize operations manager 8.0.0
vrealize operations manager 7.5.0
vrealize operations manager 7.0.0
vrealize operations manager 6.7.0
vmware cloud foundation (vrops) 4.x
vmware cloud foundation (vrops) 3.x
vrealize suite lifecycle manager (vrops) 8.x

Related