Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.
[
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations prior to 8.4"
}
]
}
]