CVE-2022-31704

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.

Vendor	Product	Versions
vmware	vrealize_log_insight	3.0, 3.0.1, 3.3, 3.3.1, 3.3.2, 3.6, 4.0, 4.3, 4.5, 4.5.1, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.8, 8.0.0, 8.1.0, 8.8.2

Try Xcloud

Severity	Critical
Severity Score	9.80
Priority	Critical
Priority Score	10.00
Problems	NVD-CWE-Other
Categories	Other
Published Date	January 26th 2023, 9:00:15 pm
Last Modified Date	February 1st 2023, 4:00:57 pm

Severity	Critical
Base Score	9.80
Exploitability Score	3.90
Impact Score	5.90
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity
Base Score	0.00
Exploitability Score	0.00
Impact Score	0.00
Vector

Find and fix the deepest risks in your cloud fast

CVE-2022-31704