Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
git clone https://github.com/CyberCommands/CVE2021-21975.git
cd CVE2021-21975/
python3 ssrf.py --help
This tool is only for testing and educational purposes only and can be used where strict consent has been given. I am not responsible for any misuse or damage caused by this tool.