VMware Releases Security Updates for vRealize Operations Manager

Threat ID:: CC-3808
Threat Severity:: Information only
Published:: 31 March 2021 11:09 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

VMware vRealize Operations Manager: All versions prior to 8.3.0 HF3 / 8.2.0 HF4 / 8.1.1 HF6 / 8.0.1 HF7 / 7.5.0 HF14

Threat details

Introduction

VMware has released an update to address critical vulnerabilities in VMware vRealize Operations Manager. An attacker could exploit these vulnerabilities to steal administrative account credentials and take control of an affected system.

VMware Cloud Foundation and vRealize Suite Lifecycle Manager may deploy vRealize Operations Manager appliances.

Remediation advice

Organisations are encouraged to review VMware security advisory VMSA-2021-0004 and apply any necessary updates or workarounds if it is not possible to apply the update. More information about this patch can be found at VMSA-2021-0004 FAQ (83265).

CVE Vulnerabilities

Status Reserved

CVE-2021-21975

The vRealize Operations Manager API contains a Server Side Request Forgery. VMware has evaluated this issue to be of 'Important' severity with a maximum CVSSv3 base score of 8.6. A malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.

Status Reserved

CVE-2021-21983

The vRealize Operations Manager API contains an arbitrary file write vulnerability. VMware has evaluated this issue to be of 'Important' severity with a maximum CVSSv3 base score of 7.2. An authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.

Last edited: 1 April 2021 1:37 pm