CVE-2022-31673

2022-08-0920:19:45

vmware

www.cve.org

vmware

vrealize operations

information disclosure

vulnerability

cve-2022-31673

network access

hex dumps

remote code execution

AI Score

8.8

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.

CNA Affected

[
  {
    "product": "VMware vRealize Operations",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "VMware vRealize Operations (8.x prior to 8.6.4)"
      }
    ]
  }
]