VMware patches critical vRealize Operations flaws that could lead to RCE
Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote code execution (RCE) on the underlying operating system, Positive Technologies researchers have found. There is no PoC currently available and no mention of the vulnerabilities being exploited in the wild. Nevertheless, administrators are advised to implement provided security patches or temporary workarounds as soon as possible. VMware vRealize Operations vulnerabilities could lead to RCE … More
The post VMware patches critical vRealize Operations flaws that could lead to RCE appeared first on Help Net Security.