THREATOPS
THREAT OPSCVEs › CVE-2021-21975

CVE-2021-21975 — VMware Server Side Request Forgery in vRealize Operations Manager API

CISA KEVExploited: confirmedVMware

Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.

Vulnerability details