CVE-2021-21983
published 2021-03-31CVE-2021-21983: Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network…
medium6.5CVSS 3.1
AVNACLPRHUINSUCNIHAH
EXPLOIT
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_operations_manager | — | — |
| vmware | vrealize_suite_lifecycle_manager | — | — |
| vmware | vrealize_suite_lifecycle_manager | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
vulncheck6.5MEDIUM