Lucene search

[email protected]NVD:CVE-2022-22948

HistoryMar 29, 2022 - 6:15 p.m.

CVE-2022-22948

2022-03-2918:15:08

CWE-276

[email protected]

web.nvd.nist.gov

vcenter server

information disclosure

vulnerability

non-administrative access

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.008

Percentile

81.6%

JSON

The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.

Affected configurations

Nvd

Node

vmwarecloud_foundationRange3.0–3.11

vmwarecloud_foundationMatch3.11

vmwarevcenter_serverMatch6.5-

vmwarevcenter_serverMatch6.5a

vmwarevcenter_serverMatch6.5b

vmwarevcenter_serverMatch6.5c

vmwarevcenter_serverMatch6.5d

vmwarevcenter_serverMatch6.5e

vmwarevcenter_serverMatch6.5f

vmwarevcenter_serverMatch6.5update1

vmwarevcenter_serverMatch6.5update1b

vmwarevcenter_serverMatch6.5update1c

vmwarevcenter_serverMatch6.5update1d

vmwarevcenter_serverMatch6.5update1e

vmwarevcenter_serverMatch6.5update1g

vmwarevcenter_serverMatch6.5update2

vmwarevcenter_serverMatch6.5update2b

vmwarevcenter_serverMatch6.5update2c

vmwarevcenter_serverMatch6.5update2d

vmwarevcenter_serverMatch6.5update2g

vmwarevcenter_serverMatch6.5update3

vmwarevcenter_serverMatch6.5update3d

vmwarevcenter_serverMatch6.5update3f

vmwarevcenter_serverMatch6.5update3k

vmwarevcenter_serverMatch6.5update3n

vmwarevcenter_serverMatch6.5update3p

vmwarevcenter_serverMatch6.5update3q

vmwarevcenter_serverMatch6.7-

vmwarevcenter_serverMatch6.7a

vmwarevcenter_serverMatch6.7b

vmwarevcenter_serverMatch6.7d

vmwarevcenter_serverMatch6.7update1

vmwarevcenter_serverMatch6.7update1b

vmwarevcenter_serverMatch6.7update2

vmwarevcenter_serverMatch6.7update2a

vmwarevcenter_serverMatch6.7update2c

vmwarevcenter_serverMatch6.7update3

vmwarevcenter_serverMatch6.7update3a

vmwarevcenter_serverMatch6.7update3b

vmwarevcenter_serverMatch6.7update3f

vmwarevcenter_serverMatch6.7update3g

vmwarevcenter_serverMatch6.7update3j

vmwarevcenter_serverMatch6.7update3l

vmwarevcenter_serverMatch6.7update3m

vmwarevcenter_serverMatch6.7update3n

vmwarevcenter_serverMatch6.7update3o

vmwarevcenter_serverMatch7.0-

vmwarevcenter_serverMatch7.0a

vmwarevcenter_serverMatch7.0b

vmwarevcenter_serverMatch7.0c

vmwarevcenter_serverMatch7.0d

vmwarevcenter_serverMatch7.0update1

vmwarevcenter_serverMatch7.0update1a

vmwarevcenter_serverMatch7.0update1c

vmwarevcenter_serverMatch7.0update1d

vmwarevcenter_serverMatch7.0update2

vmwarevcenter_serverMatch7.0update2a

vmwarevcenter_serverMatch7.0update2b

vmwarevcenter_serverMatch7.0update2c

vmwarevcenter_serverMatch7.0update2d

vmwarevcenter_serverMatch7.0update3

vmwarevcenter_serverMatch7.0update3a

vmwarevcenter_serverMatch7.0update3c

VendorProductVersionCPE
vmwarecloud_foundation*cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
vmwarecloud_foundation3.11cpe:2.3:a:vmware:cloud_foundation:3.11:*:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*
vmwarevcenter_server6.5cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*

Vendor	Product	Version	CPE
vmware	cloud_foundation	*	cpe:2.3:a:vmware:cloud_foundation::::::::
vmware	cloud_foundation	3.11	cpe:2.3:a:vmware:cloud_foundation:3.11:::::::*
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:-::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:a::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:b::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:c::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:d::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:e::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:f::::::
vmware	vcenter_server	6.5	cpe:2.3:a:vmware:vcenter_server:6.5:update1::::::