Arbitrary file write vulnerability in VMware vRealize Operations Manager
CVE-2021-21983

6.5MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Vrealize Operations
Vendor: CVE Published:; 31 March 2021

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A security flaw has been identified in VMware vRealize Operations Manager that permits authenticated attackers with network access to exploit the API. This vulnerability enables them to write files to arbitrary locations on the underlying Photon operating system. With sufficient access, malicious actors might leverage this weakness to manipulate files, potentially leading to further exploits or unauthorized access within the system.

Affected Version(s)

VMware vRealize Operations VMware vRealize Operations prior to 8.4

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2021-21983
Created by Rapid7

CVE-2021-21983
Created by murataydemir

References

https://www.vmware.com/security/advisories/VMSA-2021-0004...

x_refsource_MISC

http://packetstormsecurity.com/files/162349/VMware-vReali...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Mar 16, 2022
👾
Exploit known to exist
Mar 16, 2022
Vulnerability published
Mar 31, 2021
Vulnerability Reserved
Jan 4, 2021