CVE-2021-22022

Summary

The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vRealize OperationsVMware vRealize Operations (8.x prior to 8.5)affected

Weaknesses

  • Arbitrary file read vulnerability

ADP Enrichment

CVE Program Container

Additional References

References