CVE-2021-21975

Warnung

Exploit

EPSS 94.42%
Veröffentlicht 31.03.2021 18:15:14
Zuletzt bearbeitet 12.03.2025 20:57:43
Quelle security@vmware.com
Teams Watchlist Login
Unerledigt Login

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Cloud Foundation Version3.0

VMware ≫ Cloud Foundation Version3.0.1

VMware ≫ Cloud Foundation Version3.0.1.1

VMware ≫ Cloud Foundation Version3.5

VMware ≫ Cloud Foundation Version3.5.1

VMware ≫ Cloud Foundation Version3.7

VMware ≫ Cloud Foundation Version3.7.1

VMware ≫ Cloud Foundation Version3.7.2

VMware ≫ Cloud Foundation Version3.8

VMware ≫ Cloud Foundation Version3.8.1

VMware ≫ Cloud Foundation Version3.9

VMware ≫ Cloud Foundation Version3.9.1

VMware ≫ Cloud Foundation Version3.10

VMware ≫ Cloud Foundation Version4.0

VMware ≫ Cloud Foundation Version4.0.1

VMware ≫ Vrealize Operations Manager Version7.0.0

VMware ≫ Vrealize Operations Manager Version7.5.0

VMware ≫ Vrealize Operations Manager Version8.0.0

VMware ≫ Vrealize Operations Manager Version8.0.1

VMware ≫ Vrealize Operations Manager Version8.1.0

VMware ≫ Vrealize Operations Manager Version8.1.1

VMware ≫ Vrealize Operations Manager Version8.2.0

VMware ≫ Vrealize Operations Manager Version8.3.0

VMware ≫ Vrealize Suite Lifecycle Manager Version8.0

VMware ≫ Vrealize Suite Lifecycle Manager Version8.0.1

VMware ≫ Vrealize Suite Lifecycle Manager Version8.1

VMware ≫ Vrealize Suite Lifecycle Manager Version8.2

18.01.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

VMware Server Side Request Forgery in vRealize Operations Manager API

Schwachstelle

Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	94.42%	1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

https://www.vmware.com/security/advisories/VMSA-2021-0004.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-21975

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-21975

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-21975

EUVD