CVE-2022-22948

🗓️ 29 Mar 2022 17:24:33Reported by vmwareType

The vCenter Server has an information disclosure vulnerability allowing non-admin users to access sensitive info

Reporter	Title	Published	Views	Family All 22
GithubExploit	Exploit for Incorrect Default Permissions in Vmware Cloud_Foundation	17 Oct 202109:59	–	githubexploit
ATTACKERKB	CVE-2022-22948	29 Mar 202200:00	–	attackerkb
Circl	CVE-2022-22948	29 Mar 202216:53	–	circl
CISA KEV Catalog	VMware vCenter Server Incorrect Default File Permissions Vulnerability	17 Jul 202400:00	–	cisa_kev
CISA	CISA Adds Three Known Exploited Vulnerabilities to Catalog	17 Jul 202412:00	–	cisa
CNNVD	VMware vCenter Server 安全漏洞	29 Mar 202200:00	–	cnnvd
CNVD	VMware vCenter Server Information Disclosure Vulnerability (CNVD-2022-55066)	31 Mar 202200:00	–	cnvd
Cvelist	CVE-2022-22948	29 Mar 202217:24	–	cvelist
Metasploit	VMware vCenter Secrets Dump	2 Nov 202219:52	–	metasploit
NVD	CVE-2022-22948	29 Mar 202218:15	–	nvd

NVD

Node

vmware cloud_foundationRange3.0–3.11

vmware cloud_foundationRange4.0–4.4.1

vmware vcenter_serverMatch6.5-

vmware vcenter_serverMatch6.5a

vmware vcenter_serverMatch6.5b

vmware vcenter_serverMatch6.5c

vmware vcenter_serverMatch6.5d

vmware vcenter_serverMatch6.5e

vmware vcenter_serverMatch6.5f

vmware vcenter_serverMatch6.5update1

vmware vcenter_serverMatch6.5update1b

vmware vcenter_serverMatch6.5update1c

vmware vcenter_serverMatch6.5update1d

vmware vcenter_serverMatch6.5update1e

vmware vcenter_serverMatch6.5update1g

vmware vcenter_serverMatch6.5update2

vmware vcenter_serverMatch6.5update2b

vmware vcenter_serverMatch6.5update2c

vmware vcenter_serverMatch6.5update2d

vmware vcenter_serverMatch6.5update2g

vmware vcenter_serverMatch6.5update3

vmware vcenter_serverMatch6.5update3d

vmware vcenter_serverMatch6.5update3f

vmware vcenter_serverMatch6.5update3k

vmware vcenter_serverMatch6.5update3n

vmware vcenter_serverMatch6.5update3p

vmware vcenter_serverMatch6.5update3q

vmware vcenter_serverMatch6.7-

vmware vcenter_serverMatch6.7a

vmware vcenter_serverMatch6.7b

vmware vcenter_serverMatch6.7d

vmware vcenter_serverMatch6.7update1

vmware vcenter_serverMatch6.7update1b

vmware vcenter_serverMatch6.7update2

vmware vcenter_serverMatch6.7update2a

vmware vcenter_serverMatch6.7update2c

vmware vcenter_serverMatch6.7update3

vmware vcenter_serverMatch6.7update3a

vmware vcenter_serverMatch6.7update3b

vmware vcenter_serverMatch6.7update3f

vmware vcenter_serverMatch6.7update3g

vmware vcenter_serverMatch6.7update3j

vmware vcenter_serverMatch6.7update3l

vmware vcenter_serverMatch6.7update3m

vmware vcenter_serverMatch6.7update3n

vmware vcenter_serverMatch6.7update3o

vmware vcenter_serverMatch7.0-

vmware vcenter_serverMatch7.0a

vmware vcenter_serverMatch7.0b

vmware vcenter_serverMatch7.0c

vmware vcenter_serverMatch7.0d

vmware vcenter_serverMatch7.0update1

vmware vcenter_serverMatch7.0update1a

vmware vcenter_serverMatch7.0update1c

vmware vcenter_serverMatch7.0update1d

vmware vcenter_serverMatch7.0update2

vmware vcenter_serverMatch7.0update2a

vmware vcenter_serverMatch7.0update2b

vmware vcenter_serverMatch7.0update2c

vmware vcenter_serverMatch7.0update2d

vmware vcenter_serverMatch7.0update3

vmware vcenter_serverMatch7.0update3a

vmware vcenter_serverMatch7.0update3c

[
  {
    "product": "VMware vCenter Server and VMware Cloud Foundation",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "VMware vCenter Server (7.0 prior to 7.0 U3d, 6.7 prior to 6.7 U3p and 6.5 prior to 6.5 U3r) and VMware Cloud Foundation (4.x and 3.x prior to 3.11)"
      }
    ]
  }
]

Source	Link
vmware	www.vmware.com/security/advisories/VMSA-2022-0009.html
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

31 Oct 2025 15:56Current

6.3Medium risk

Vulners AI Score6.3

CVSS 24

CVSS 3.16.5

EPSS0.2601

SSVC