CVE-2021-22024

Summary

The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vRealize OperationsVMware vRealize Operations (8.x prior to 8.5)affected

Weaknesses

  • Arbitrary log-file read vulnerability

ADP Enrichment

CVE Program Container

Additional References

References