CVE-2021-22033
| CVSSv3 Range | 2.7 |
| Issue Date | 2021-10-12 |
| Updated On | 2022-10-31 |
| CVE(s) | CVE-2021-22033 |
| Synopsis | VMware vRealize Operations update addresses SSRF Vulnerability (CVE-2021-22033) |
Impacted Products
- VMware vRealize Operations
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
Known Attack Vectors
A malicious actor with administrative access to vRealize Operations can enumerate internal IPs and internal ports.
Resolution
To remediate CVE-2021-22033 apply the patches listed in the ‘Fixed Version‘ column of the ‘Response Matrix‘ found below.