vulnerability

VMWare vRealize: (CVE-2021-22023)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Aug 24, 2021
Added
Nov 4, 2021
Modified
Jan 12, 2023

Description

The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover.

Solutions

vmware-vrealize-upgrade-7_5_0_18528913vmware-vrealize-upgrade-8_0_1_18442173vmware-vrealize-upgrade-8_1_1_18442224vmware-vrealize-upgrade-8_2_0_18439239vmware-vrealize-upgrade-8_3_0_18439213vmware-vrealize-upgrade-8_4_0_18456797vmware-vrealize-upgrade-8_5_0

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today