CVE-2021-21975
Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
Vulnerability Description
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Affected Platforms (CPE)
📦
Vmware
Cloud Foundation
= 3.0📦
Vmware
Cloud Foundation
= 3.0.1📦
Vmware
Cloud Foundation
= 3.0.1.1📦
Vmware
Cloud Foundation
= 3.5📦
Vmware
Cloud Foundation
= 3.5.1📦
Vmware
Cloud Foundation
= 3.7📦
Vmware
Cloud Foundation
= 3.7.1📦
Vmware
Cloud Foundation
= 3.7.2📦
Vmware
Cloud Foundation
= 3.8📦
Vmware
Cloud Foundation
= 3.8.1📦
Vmware
Cloud Foundation
= 3.9📦
Vmware
Cloud Foundation
= 3.9.1📦
Vmware
Cloud Foundation
= 3.10📦
Vmware
Cloud Foundation
= 4.0📦
Vmware
Cloud Foundation
= 4.0.1📦
Vmware
Vrealize Operations Manager
= 7.0.0📦
Vmware
Vrealize Operations Manager
= 7.5.0📦
Vmware
Vrealize Operations Manager
= 8.0.0📦
Vmware
Vrealize Operations Manager
= 8.0.1📦
Vmware
Vrealize Operations Manager
= 8.1.0📦
Vmware
Vrealize Operations Manager
= 8.1.1📦
Vmware
Vrealize Operations Manager
= 8.2.0📦
Vmware
Vrealize Operations Manager
= 8.3.0📦
Vmware
Vrealize Suite Lifecycle Manager
= 8.0📦
Vmware
Vrealize Suite Lifecycle Manager
= 8.0.1📦
Vmware
Vrealize Suite Lifecycle Manager
= 8.1📦
Vmware