Attacker Value

Very High

(1 user assessed)

Exploitability

Very High

(1 user assessed)

User Interaction

CVE-2021-21983

Disclosure Date: March 31, 2021 •

CVE-2021-21983 CVSS v3 Base Score: 6.5

Exploited in the Wild

Reported by gwillcox-r7
View Source Details

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Metasploit Module

exploit/linux/http/vmware_vrops_mgr_ssrf_rce

Description

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.

Add Assessment

wvu-r7 (437)

April 03, 2021 7:41am UTC (3 years ago)•

Ratings

Attacker Value

Very High

Exploitability

Very High

Common in enterprise Vulnerable in default configuration Authenticated

Technical Analysis

Please see CVE-2021-21975’s Rapid7 analysis. CVE-2021-21975 can be chained with CVE-2021-21983 to achieve unauthed RCE.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.5 Medium

Impact Score:

5.2

Exploitability Score:

1.2

Vector:

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

High

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

High

Availability (A):

High

Vendors

vmware

Products

cloud foundation 3.0,
cloud foundation 3.0.1,
cloud foundation 3.0.1.1,
cloud foundation 3.10,
cloud foundation 3.5,
cloud foundation 3.5.1,
cloud foundation 3.7,
cloud foundation 3.7.1,
cloud foundation 3.7.2,
cloud foundation 3.8,
cloud foundation 3.8.1,
cloud foundation 3.9,
cloud foundation 3.9.1,
cloud foundation 4.0,
cloud foundation 4.0.1,
vrealize operations manager 7.0.0,
vrealize operations manager 7.5.0,
vrealize operations manager 8.0.0,
vrealize operations manager 8.0.1,
vrealize operations manager 8.1.0,
vrealize operations manager 8.1.1,
vrealize operations manager 8.2.0,
vrealize operations manager 8.3.0,
vrealize suite lifecycle manager 8.0,
vrealize suite lifecycle manager 8.0.1,
vrealize suite lifecycle manager 8.1,
vrealize suite lifecycle manager 8.2

Metasploit Modules

exploit/linux/http/vmware_vrops_mgr_ssrf_rce (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vrops_mgr_ssrf_rce.rb)

Exploited in the Wild

Reported by:

gwillcox-r7 indicated source as Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)

Reported: June 14, 2022 9:36pm UTC (2 years ago)

References

Canonical

CVE-2021-21983 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21983)

Miscellaneous

https://www.vmware.com/security/advisories/VMSA-2021-0004.html

http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html

Rapid7

Very High

CVE-2021-21983

Very High

Very High

None

High

Network

CVE-2021-21983

Description

Add Assessment

Ratings

Technical Analysis

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Metasploit Modules

Exploited in the Wild

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Very High

CVE-2021-21983

Very High

Very High

None

High

Network

CVE-2021-21983

Description

Add Assessment

Ratings

Technical Analysis

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Metasploit Modules

Exploited in the Wild

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification