CVE-2021-21983

MEDIUM EXPLOITED

vRealize Operations Manager <8.4 - Privilege Escalation

Title source: llm

Description

An arbitrary file write vulnerability in the vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API to write files to arbitrary locations on the underlying Photon operating system.

Exploits (3)

metasploit WORKING POC EXCELLENT
by Egor Dimitrenko, wvu · ruby · poc · linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vrops_mgr_ssrf_rce.rb
vulncheck_xdb WRITEUP
remote-auth
https://github.com/murataydemir/CVE-2021-21983
inthewild WRITEUP
poc
https://github.com/murataydemir/cve-2021-21983

Scores

CVSS v3 6.5
EPSS 0.8318
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Details

VulnCheck KEV 2021-10-07
Status published
Products (27)
vmware/cloud_foundation 3.0
vmware/cloud_foundation 3.0.1
vmware/cloud_foundation 3.0.1.1
vmware/cloud_foundation 3.5
vmware/cloud_foundation 3.5.1
vmware/cloud_foundation 3.7
vmware/cloud_foundation 3.7.1
vmware/cloud_foundation 3.7.2
vmware/cloud_foundation 3.8
vmware/cloud_foundation 3.8.1
... and 17 more
Published Mar 31, 2021
Tracked Since Feb 18, 2026