Security News > 2021 > April > VMware patches critical vRealize Operations flaws that could lead to RCE
Two vulnerabilities recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote code execution on the underlying operating system, Positive Technologies researchers have found.
There is no PoC currently available and no mention of the vulnerabilities being exploited in the wild.
VMware vRealize Operations vulnerabilities could lead to RCE. VMware vRealize Operations is a unified, AI-powered platform for IT operations management for private, hybrid, and multi-cloud environments.
It is available on premises and as SaaS. Both vulnerabilities are in the vRealize Operations Manager API. CVE-2021-21975 is a Server Side Request Forgery flaw that could be exploited remotely by an unauthenticated attacker to steal administrative credentials, and CVE-2021-21983 is an arbitrary file write vulnerability that could allow an authenticated remote attacker to write files to arbitrary locations on the underlying operating system.
The vulnerabilities are present in vRealize Operations Manager 7.5.0, 8.0.1, 8.0.0, 8.1.1, 8.1.0, 8.2.0, and 8.3.0, and also impact VMware Cloud Foundation versions 3.x and 4.x and vRealize Suite Lifecycle Manager v8.
Security researcher Egor Dimitrenko of Positive Technologies has been credited with discovering and reporting the vulnerabilities to VMware.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/BdXreyOvnec/
Related news
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-31 | CVE-2021-21975 | Server-Side Request Forgery (SSRF) vulnerability in VMWare products Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials. | 7.5 |
| 2021-03-31 | CVE-2021-21983 | Unspecified vulnerability in VMWare products Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system. | 6.5 |