Get Permission
VMware has issued patches for two critical vulnerabilities in its IT operations management platform, vRealize Operations, which, if exploited, could allow attackers to steal administrative credentials.
The platform is designed to offer self-driving IT operations management for private, hybrid and multi-cloud environments in a unified platform powered by artificial intelligence.
VMware issued patches on Tuesday for the flaws CVE-2021-21975, which has a CVSS ranking of 8.6, and CVE-2021-21983, which has a CVSSv3 base score of 7.2.
Egor Dimitrenko of Positive Technologies discovered these vulnerabilities and reported them to VMware.
If the two vulnerabilities are chained together, they could enable an attacker to conduct remote code execution in vRealize Operations, Positive Technologies reports.
VMware Patches 2 Flaws in vRealize Operations govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.