Multiple vulnerabilities in VMware vRealize Log Insight



Published: 2023-01-24 | Updated: 2023-02-01
Risk Critical
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2022-31704
CVE-2022-31710
CVE-2022-31711
CVE-2022-31706
CWE-ID CWE-284
CWE-502
CWE-200
CWE-22
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
vRealize Log Insight
Client/Desktop applications / Other client software

Vendor VMware, Inc

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU71487

Risk: Critical

CVSSv3.1:

CVE-ID: CVE-2022-31704

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

vRealize Log Insight: 8.0.0 - 8.10


CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2023-0001.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Deserialization of Untrusted Data

EUVDB-ID: #VU71488

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-31710

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure input validation when processing serialized data. A remote non-authenticated attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

vRealize Log Insight: 8.0.0 - 8.10


CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2023-0001.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Information disclosure

EUVDB-ID: #VU71489

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-31711

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive session and application information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

vRealize Log Insight: 8.0.0 - 8.10


CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2023-0001.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Path traversal

EUVDB-ID: #VU71731

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-31706

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

vRealize Log Insight: 8.0.0 - 8.10


CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2023-0001.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###