VMWare vRealize Log Insight Multiple Vulnerabilities

Last Update Date: 1 Feb 2023 Release Date: 26 Jan 2023 5220 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities were identified in VMware vRealize Log Insight. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, remote code execution and sensitive information disclosure on the targeted system.

 

[Updated on 2023-02-01]

Proof of Concept exploit code Is publicly available for CVE-2022-31704, CVE-2022-31706, and CVE-2022-31711. Risk level has changed from Medium Risk to High Risk.

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • VMware vRealize Log Insight 8.x

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

VMwarevRealizeDenial of ServiceRemote Code ExecutionInformation DisclosureProof of Concept

Share with

Previous

QNAP NAS Remote Code Execution Vulnerability

31 Jan 2023 4981 Views

Next

ChromeOS Multiple Vulnerabilities

1 Feb 2023 4582 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY