Attackers can attack systems with the cloud management solution vRealize and vRealize Orchestrator. Versions secured against this are released.
If attackers discovered the three now closed vulnerabilities (CVE-2021-22036)center“, CVE-2021-22035”center“, CVE-2021-22033”low“) Are successfully attacked, they could, among other things, redirect victims to a domain they control.
The developers state that the security issues in vRealize Orchestrator 8.6, vRealize Automation 8.6 and vRealize Operations 8.6.0 have solved. The patches for Cloud Foundation (vROps) and vRealize Suite Lifecycle Manager (vROps) are still pending.
Admins can find further details on the vulnerabilities and secured versions in these warning messages:
Disclaimer: This article is generated from the feed and is not edited by our team.