CVSS: 7.5EPSS: 94%CPEs: 27EXPL: 10CVE-2021-21975 – VMware Server Side Request Forgery in vRealize Operations Manager API
https://notcve.org/view.php?id=CVE-2021-21975
31 Mar 2021 — Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials. una vulnerabilidad de Server Side Request Forgery en la API vRealize Operations Manager (CVE-2021-21975) anterior a la versión 8.4, puede permitir que un actor malicioso con acceso de red a la API vRealize Operations Manager pueda realizar un ata... • https://packetstorm.news/files/id/162349 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.5EPSS: 83%CPEs: 27EXPL: 3CVE-2021-21983 – VMware vRealize Operations Manager Server-Side Request Forgery / Code Execution
https://notcve.org/view.php?id=CVE-2021-21983
31 Mar 2021 — Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system. La vulnerabilidad de escritura arbitraria de archivos en la API vRealize Operations Manager (CVE-2021-21983) anterior a la versión 8.4, puede permitir que un actor malicioso autenticado con acceso de red para la API vRealize Ope... • https://packetstorm.news/files/id/162349 •