CVE-2021-22036

Summary

VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vRealize OrchestratorVMware vRealize Orchestrator (8.x prior to 8.6)affected

Weaknesses

  • Open redirect vulnerability in vRealize Orchestrator

ADP Enrichment

CVE Program Container

Additional References

References