Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vrealize operations manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-22025
The vRealize Operations Manager API (8.x before 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
4
CVSSv2
CVE-2021-22022
The vRealize Operations Manager API (8.x before 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
5
CVSSv2
CVE-2021-22024
The vRealize Operations Manager API (8.x before 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
6.5
CVSSv2
CVE-2021-22023
The vRealize Operations Manager API (8.x before 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
5
CVSSv2
CVE-2021-22026
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
5
CVSSv2
CVE-2021-22027
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
5
CVSSv2
CVE-2021-21975
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) before 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Vmware Vrealize Operations Manager 7.0.0
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager 8.0.0
Vmware Vrealize Operations Manager 8.0.1
Vmware Vrealize Operations Manager 8.1.0
Vmware Vrealize Operations Manager 8.1.1
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.0
1 Metasploit module
13 Github repositories
8.5
CVSSv2
CVE-2021-21983
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) before 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system...
Vmware Vrealize Operations Manager 7.0.0
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager 8.0.0
Vmware Vrealize Operations Manager 8.0.1
Vmware Vrealize Operations Manager 8.1.0
Vmware Vrealize Operations Manager 8.1.1
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.0
1 Metasploit module
4 Github repositories
4
CVSSv2
CVE-2021-22033
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
Vmware Cloud Foundation
Vmware Vrealize Operations
Vmware Vrealize Suite Lifecycle Manager
7.5
CVSSv2
CVE-2015-6934
Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote malicious users to execute arbitrary commands via a crafted serialized Ja...
Vmware Vrealize Orchestrator 6.0.2
Vmware Vcenter Orchestrator 5.5.2.1
Vmware Vcenter Orchestrator 5.5.2
Vmware Vcenter Orchestrator 5.5.1
Vmware Vcenter Orchestrator 5.5
Vmware Vrealize Orchestrator 6.0.1
Vmware Vrealize Orchestrator 6.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »