VMware this week announced patches for a series of vulnerabilities in vRealize Operations, including four considered high severity.
The most important of these is CVE-2021-22025 (CVSS score of 8.6), which is described as a broken access control vulnerability in the vRealize Operations Manager API. An attacker able to exploit the vulnerability could gain unauthenticated API access.
According to VMware, an unauthenticated attacker who has network access to the vRealize Operations Manager API could exploit the vulnerability to add new nodes to an existing vROps cluster.
The company also addressed an arbitrary log-file read vulnerability in the vRealize Operations Manager API (CVE-2021-22024, CVSS score of 7.5) and two server-side request forgery (SSRF) vulnerabilities (CVE-2021-22026 and CVE-2021-22027, CVSS score of 7.5).
An unauthenticated threat actor with network access could exploit CVE-2021-22024 to read any log file, or could target CVE-2021-22026 and CVE-2021-22027 to perform SSRF attacks, which can result in information disclosure.
VMware addressed two other security issues in vRealize Operations Manager API, namely (CVE-2021-22023, CVSS score of 6.6), and CVE-2021-22022 (CVSS score of 4.4), which could be exploited to modify the information of other users and take over their accounts, or read any arbitrary file on the server.
According to VMware, vRealize Operations Manager is not the only product impacted by these vulnerabilities. VMware Cloud Foundation (vROps) and vRealize Suite Lifecycle Manager (vROps) are affected as well.
VMware has released patches for all of the affected product versions and encourages customers to install them as soon as possible, to ensure they remain protected.
Related: VMware Patches Severe Vulnerability in Workspace ONE Access, Identity Manager
Related: VMware Patches Vulnerabilities in ESXi, ThinApp
Related: VMware Patches Critical Vulnerability in Carbon Black App Control