7.5
CVSSv3

CVE-2021-22027

Published: 30/08/2021 Updated: 01/02/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware cloud foundation

vmware vrealize operations manager 7.5.0

vmware vrealize operations manager

vmware vrealize suite lifecycle manager

Vendor Advisories

Sign up for Security Advisories Stay up to date on the latest VMware Security advisories and updates ...