CVE-2022-31704

Description

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.

Related CPE's

avmwarevrealize_log_insight********

avmwarevrealize_log_insight********

References

https://www.vmware.com/security/advisories/VMSA-2023-0001.html

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io