CVE-2022-31706

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

Vendor	Product	Versions
vmware	vrealize_log_insight	3.0, 3.0.1, 3.3, 3.3.1, 3.3.2, 3.6, 4.0, 4.3, 4.5, 4.5.1, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.8, 8.0.0, 8.1.0, 8.8.2

Try Xcloud

Severity	Critical
Severity Score	9.80
Priority	Critical
Priority Score	10.00
Problems	CWE-22
Categories	Data Handling, Security Feature, Time and State
Published Date	January 26th 2023, 9:00:15 pm
Last Modified Date	February 1st 2023, 4:00:58 pm

Severity	Critical
Base Score	9.80
Exploitability Score	3.90
Impact Score	5.90
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity
Base Score	0.00
Exploitability Score	0.00
Impact Score	0.00
Vector

Find and fix the deepest risks in your cloud fast

CVE-2022-31706