CVE-2021-21975
Description
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Severity: HIGH
CVE ID: CVE-2021-21975
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Proof Of Concept
Nuclei Templates for CVE-2021-21975
Refrence: Project Discovery GitHub
Henry4E36
VMWare vRealize SSRF-CVE-2021-21975
Refrence: GitHub
dorkerdevil
Refrence: GitHub
Al1ex
CVE-2021-21975 vRealize Operations Manager SSRF
Refrence: GitHub
TheTh1nk3r
漏洞复现与poc收集,CVE-2021-21975,cve-2021-22005,CVE-2021-26295,VMware vCenter任意文件读取
Refrence: GitHub
GuayoyoCyber
Nmap script to check vulnerability CVE-2021-21975
Refrence: GitHub
murataydemir
[CVE-2021-21975] VMware vRealize Operations Manager API Server Side Request Forgery (SSRF)
Refrence: GitHub
rabidwh0re
vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????)
Refrence: GitHub
Vulnmachines
VMWare-CVE-2021-21975 SSRF vulnerability
Refrence: GitHub
Content on GitHub
zhzyker | watchers:3278
vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Refrence: GitHub
CyberCommands | watchers:1
CVE2021-21975
Refrence: GitHub