Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High

CVE-2021-21975

Disclosure Date: March 31, 2021 (last updated April 06, 2021)
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Attacker Value
Very High

CVE-2021-21983

Disclosure Date: March 31, 2021 (last updated April 06, 2021)
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.