The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2021-08-30T17:54:40

Updated: 2024-08-03T18:30:23.955Z

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-22027

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-08-30T18:15:08.463

Modified: 2022-02-01T17:53:31.773

Link: CVE-2021-22027

cve-icon Redhat

No data.