A malicious attacker with network access to the VMware™ vRealize Operations Manager API can perform a Server Side Request Forgery (SSRF) attack to steal sensitive administrative credentials.
Affected versions
VMware Cloud Foundation versions 4.x and 3.x; VMware vRealize Suite Lifecycle Manager version 8.x; VMware vRealize Operations Manager versions 7.5.0, 8.0.0, 8.0.1, 8.1.0, 8.1.1, 8.2.0 and 8.3.0
Impact
Successful exploitation allows a malicious attacker to perform unauthorized actions such as gaining access to sensitive data or executing arbitrary code.
Mitigation / Precaution
- We recommend updating VMware vRealize Operations Manager to the latest version.
- If you cannot apply the patch, there is a workaround that involves editing the home-security-context.xml file and restarting the Cluster Analytic (CaSA) service.