Security Advisory

CVE-2021-22025

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-30 17:54:41

Last updated 2024-08-03 18:30:23

Assigner vmware

State PUBLISHED

Description

The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.

← Browse all CVEs View on cve.org ↗