vRealize Operations Manager API SSRF

By
Nash N Sulthan
Published on
16 Jun 2021

A malicious attacker who can reach the VMware™ vRealize Operations Manager API over the network can perform a Server Side Request Forgery (SSRF) attack to steal sensitive management credentials.

Affected versions

  • VMware Cloud Foundation versions 3.x and 4.x
  • VMware vRealize Suite Lifecycle Manager version 8.x
  • VMware vRealize Operations Manager versions 7.5.0, 8.0.0, 8.0.1, 8.1.0, 8.1.1, 8.2.0, 8.3.0

Impact

Successful exploitation allows a malicious attacker to perform unauthorized actions such as gaining access to sensitive data or executing arbitrary code.

Mitigation / Precaution

  • We recommend updating VMware vRealize Operations Manager to the latest version.
  • If you cannot apply the patch, there is a workaround that involves editing the home-security-context.xml file and restarting the Cluster Analytic (CaSA) service.
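The advisory describes the class of weakness but not the vendor's fix. As a generic illustration of how an API that fetches caller-supplied URLs is hardened against SSRF, the added example below (not VMware's code and not the home-security-context.xml workaround the advisory refers to) places the unchecked anti-pattern beside a validator that enforces scheme, an optional host allow-list, no embedded credentials, and a deny-list of loopback, private, and link-local ranges checked against every resolved address. All function names, the deny-list and the sample hostnames are assumptions constructed for the example.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Constructed deny-list: address ranges a server-side fetch must never reach.
# 169.254.0.0/16 covers cloud metadata endpoints, a common target for
# credential theft via SSRF; the rest are loopback, private and link-local.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]


def fetch_target_unchecked(url):
    """Anti-pattern: the caller-supplied URL is used as-is for an outbound request."""
    return url


def default_resolver(host):
    """Hypothetical helper: resolve a hostname to the set of IP strings it maps to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def validate_target(url, allowed_hosts=None, resolve=default_resolver):
    """Return url if it is safe to fetch server-side, otherwise raise ValueError.

    Checks, in order: permitted scheme, host present, no embedded credentials,
    optional host allow-list, and every resolved address against BLOCKED_NETWORKS.
    Re-run the address check at connect time as well, since DNS answers can change
    between validation and the actual request (DNS rebinding).
    """
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise ValueError("scheme not permitted: %r" % parsed.scheme)
    host = parsed.hostname
    if not host:
        raise ValueError("missing host")
    if parsed.username or parsed.password:
        raise ValueError("credentials embedded in URL")
    if allowed_hosts is not None and host not in allowed_hosts:
        raise ValueError("host not on allow-list: %r" % host)

    try:
        # A literal IP address needs no lookup; ip_address() raises for hostnames.
        addresses = {str(ipaddress.ip_address(host))}
    except ValueError:
        try:
            addresses = resolve(host)
        except socket.gaierror as exc:
            raise ValueError("cannot resolve %r" % host) from exc

    for address in addresses:
        ip = ipaddress.ip_address(address)
        if any(ip in net for net in BLOCKED_NETWORKS):
            raise ValueError("target resolves to a blocked address: %s" % ip)
    return url


def classify(url, allowed_hosts=None, resolve=default_resolver):
    """Convenience wrapper returning 'allowed' or 'blocked: <reason>'."""
    try:
        validate_target(url, allowed_hosts, resolve)
        return "allowed"
    except ValueError as exc:
        return "blocked: %s" % exc


if __name__ == "__main__":
    # Constructed resolver so the example runs offline: one internal name, one public.
    fake_dns = lambda h: {"10.0.0.5"} if h == "internal.example" else {"203.0.113.10"}
    for candidate in ("http://169.254.169.254/", "http://internal.example/",
                      "https://public.example/api", "file:///etc/hosts"):
        print(candidate, "->", classify(candidate, resolve=fake_dns))
```

The allow-list is the stronger control and should be used wherever the set of legitimate upstream hosts is known; the deny-list is the fallback that still catches literal addresses and names resolving into internal ranges.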

Written by
Nash N Sulthan
Cyber Security Lead Engineer