VMSA-2021-0023:VMware vRealize Orchestrator update addresses open redirect vulnerability

🗓️ 10 Oct 2021 00:00:00Reported by VMwareType

vmware

vmware🔗 support.broadcom.com👁 13 Views

VMware vRealize Orchestrator update fixes open redirect vulnerability CVE-2021-22036 with CVSS score 6.5.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-22036	13 Oct 202120:26	–	circl
CNNVD	Vmware VMware vRealize Log Insight 信息泄露漏洞	13 Oct 202100:00	–	cnnvd
CNVD	VMware vRealize Orchestrator Open Redirect Vulnerability	14 Oct 202100:00	–	cnvd
CVE	CVE-2021-22036	13 Oct 202115:52	–	cve
Cvelist	CVE-2021-22036	13 Oct 202115:52	–	cvelist
EUVD	EUVD-2021-9205	3 Oct 202520:07	–	euvd
NVD	CVE-2021-22036	13 Oct 202116:15	–	nvd
Prion	Open redirect	13 Oct 202116:15	–	prion
RedhatCVE	CVE-2021-22036	9 Jan 202611:19	–	redhatcve
VMware	VMware vRealize Orchestrator update addresses open redirect vulnerability (CVE-2021-22036)	12 Oct 202100:00	–	vmware

Vulners

Node

vmware vrealize_orchestratorRange<8.6

OR

vmware vrealize_automationRange<8.6

OR

vmware cloud_foundation_(vrealize_automation)Range<Patch

Source	Link
vmware	www.vmware.com/security/advisories/VMSA-2021-0023.xml
vmware	www.vmware.com/support/policies/security_response.html
customerconnect	www.customerconnect.vmware.com/downloads/details
docs	www.docs.vmware.com/en/vRealize-Orchestrator/8.6/rn/VMware-vRealize-Orchestrator-86-Release-Notes.html
customerconnect	www.customerconnect.vmware.com/downloads/details
docs	www.docs.vmware.com/en/vRealize-Automation/8.6/rn/vmware-vrealize-automation-86-release-notes/index.html
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
lists	www.lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
kb	www.kb.vmware.com/kb/1055
vmware	www.vmware.com/security/advisories

11 Oct 2021 18:38Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24.3

CVSS 3.16.5

EPSS0.00582

vmware vrealize orchestrator update open redirect vulnerability cve-2021-22036 cvss score 6.5 affected products.