Description
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Related CPE's
a
vmware
vrealize_log_insight
2
References
https://www.vmware.com/security/advisories/VMSA-2023-0001.html
PatchVendor Advisory
https://www.vmware.com/security/advisories/VMSA-2023-0001.html
PatchVendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 · Critical
Information
Source identifier
Vulnerability status
Modified
Published
2023-01-26T20:15:37.610Z
3 years agoLast modified
2025-04-02T12:15:36.280Z
11 months ago