Описание
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Vendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
8.5 High
CVSS2
Дефекты
Связанные уязвимости
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.
Уязвимость API-интерфейса инструмента мониторинга виртуальной инфраструктуры vRealize Operations, позволяющая нарушителю загружать вредоносные файлы
EPSS
6.5 Medium
CVSS3
8.5 High
CVSS2