Arbitrary File Read Vulnerability in vRealize Operations Manager API (8.x prior to 8.5)

Arbitrary File Read Vulnerability in vRealize Operations Manager API (8.x prior to 8.5)

CVE-2021-22022 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.

Learn more about our Cis Benchmark Audit For Server Software.