Serious Vulnerabilities Patched Recently by VMware in its vRealize Operations


According to a researcher interested in the discovery of the security bugs, a couple of serious vulnerabilities recently patched by VMware in its vRealize Operations (vROps) product can pose a significant risk to organisations.

A server-side request forgery (SSRF) vulnerability, tracked as CVE-2021-21975, and an arbitrary file write problem, tracked as CVE-2021-21983, affect the vROps IT operations management product, specifically the vRealize Operations Manager API.

According to VMware, an attacker with network access to the API can acquire administrative credentials using the SSRF flaw. An authenticated attacker may use the second vulnerability to write files to arbitrary locations on the Photon operating system.

Egor Dimitrenko, a researcher at cybersecurity company Optimistic Technologies, was credited with discovering the bugs by VMware. According to Dimitrenko, an attacker may use a series of vulnerabilities to remotely execute arbitrary code on a server.

In a real-world assault, the vulnerabilities could offer threat actors “unlimited opportunities to carry out more attacks on a company’s infrastructure,” according to the expert.

Both impacted versions of vRealize Operation Manager, as well as Cloud Foundation and vRealize Suite Lifecycle Manager, have been patched by VMware. The vulnerabilities should have a severity rating of “high” based on their CVSS score, but the virtualization giant’s advisory lists them as “critical.”

It’s critical that organisations that use vROps fix these bugs as soon as possible, as they may be used for malicious purposes.

Hackers began scouring the internet in February for VMware vCenter servers affected by a crucial vulnerability discovered by Positive Technologies researchers. The scanning started only one day after VMware confirmed the patches were usable. In that case, however, proof-of-concept attack code was easily made available, and thousands of potentially insecure servers became directly accessible from the internet.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.