IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

VMware patches critical flaws in vRealize AI platform

The two vulnerabilities could have given attackers access to admin credentials and file writing access

VMware has patched a pair of vulnerabilities that could have given attackers access to admin credentials and file writing access.

The company stated that the first vulnerability, CVE-2021-21975, could allow a malicious actor with network access to the vRealize Operations Manager API to perform a Server Side Request Forgery attack to steal admin credentials

VMware evaluated the danger of the issue and decided it was an “important” severity with a maximum CVSS base score of 8.5. CVSS is an open framework for communicating the characteristics and severity of software vulnerabilities and is marked between 0 and 10, with 10 being critical.

vRealize is the company’s AI-powered platform that delivers “self-driving IT operations management for private, hybrid and multi-cloud environments.”

The second vulnerability, CVE-2021-21983, meant that an authenticated malicious actor with network access to the vRealize Operations Manager API could write files to arbitrary locations on the underlying photon operating system. VMware evaluated the issue to be of an “important” severity as well and gave it a CVSSv3 base score of 7.2.

The company published a security advisory on Tuesday to inform customers of the two vulnerabilities, of which both were reported by Egor Dimitrenko of Positive Technologies. The products impacted are the VMware vRealize Operations, VMware Cloud Foundation and vRealize Suite Lifecycle Manager.

A month ago it emerged that ransomware operators were exploiting VMware ESXi flaws by retooling their strains to exploit vulnerabilities. The flaws, which were patched by the company, included allowing hackers to execute commands on the underlying operating systems that hosts the VCenter Server.

In February, security researchers warned of two ESXi hypervisor flaws that ransomware gangs were using to encrypt virtual hard drives. Hackers reportedly encrypted 1,000 VMs at Brazil’s Superior Tribunal de Justicia, whereas other victims suffered as their VMs were shut down and datastores encrypted and left with a ransom note.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

Broadcom formally confirms $61 billion acquisition of VMware
mergers and acquisitions

Broadcom formally confirms $61 billion acquisition of VMware

26 May 2022
Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers
ransomware

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

26 May 2022
Broadcom reportedly looking at acquiring cloud company VMware
mergers and acquisitions

Broadcom reportedly looking at acquiring cloud company VMware

23 May 2022
US security agency issues emergency alert over vulnerable VMware products
Security

US security agency issues emergency alert over vulnerable VMware products

19 May 2022

Most Popular

UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022