CVE-2021-21975, CVE-2021-21983: Chained Vulnerabilities in...

CVE-2021-21975, CVE-2021-21983: Chained Vulnerabilities in VMware vRealize Operations Could Lead to Unauthenticated Remote Code Execution

On March 30, VMware released a security advisory (VMSA-2021-0004) to address two vulnerabilities in vRealize Operations, an AI-powered IT operations management platform for multi-cloud, private and hybrid environments.

These vulnerabilities affect vRealize Operations, and also impact VMware Cloud Foundation (vROps) and vRealize Suite Lifecycle Manager (vROps). VMware has attributed the responsible disclosure of both of these vulnerabilities to Egor Dimitrenko, a security researcher at Positive Technologies.

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

CVE-2021-21975, CVE-2021-21983: Chained Vulnerabilities in...

Recent Discussions

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Microsoft Patch Tuesday 2025 Year in Review

Americas

Europe

Asia / Australia