VMware vRealize Operations Manager DashOverride Remote Code Execution Webapp Exploit

This module chains three vulnerabilities to deploy an agent in VMware vRealize Operations Manager that runs with root user privileges. The first is an authentication bypass in the com.vmware.vcops.ui.util.MainPortalFilter class. The second is an information disclosure in com.vmware.vcops.ui.action.SupportLogsAction that allows sensitive passwords to be read from log files. The third is a local privilege escalation that uses the generateSupportBundle.py script with a crafted VCOPS_BASE environment variable. Running this module changes the VMware vRealize Operations Manager admin user password.
Exploit Platform
Product Name