Back to KEVs

CVE-2021-21975

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the...

Basic Information

CVE State: PUBLISHED
Reserved Date: January 04, 2021
Published Date: March 31, 2021
Last Updated: January 29, 2025
Vendor: n/a
Product: VMware vRealize Operations
Description: Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Tags

CVSS Scores

CVSS v3.1

7.5 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0

5.0

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: partial

Exploit Status

Exploited in the Wild: Yes (2022-01-18 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2021-03-31 13:33:45 UTC) Source
Used in Malware: Yes (added 2022-01-18 00:00:00 UTC) Source

References

https://www.vmware.com/security/advisories/VMSA-2021-0004.html http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-01-18 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vrops_mgr_ssrf_rce.rb	2025-04-29 11:01:16 UTC
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21975.yaml	2025-04-26 00:00:00 UTC