Skip to main content

VMWare Products Information Disclosure Vulnerability

Last Update Date: 18 Jul 2024 Release Date: 1 Apr 2022 5586 Views

RISK: High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

A vulnerability was identified in VMware products. An attacker could exploit this vulnerability to trigger sensitive information disclosure on the targeted system.

 

Note:

CVE-2022-22948 is being exploited in the wild. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.

 

[Updated on 2024-07-18]

Updated description, risk level and related links.


Impact

  • Information Disclosure

System / Technologies affected

  • VMware vCenter Server Version 7
  • VMware vCenter Server Version 6.7
  • VMware vCenter Server Version 6.5
  • VMware Cloud Foundation (vCenter Server) Version 4
  • VMware Cloud Foundation (vCenter Server) Version 3

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 


Vulnerability Identifier


Source


Related Link