VMware vRealize Log Insight 2.x / 3.x < 3.3.2 Multiple Vulnerabilities (VMSA-2016-0008)

The VMware vRealize Log Insight application running on the remote host is 2.x or 3.x prior to 3.3.2. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input before returning it to users. An...

CVE-2016-2082

Cross-site request forgery CSRF vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2016-2082

Cross-site request forgery CSRF vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2016-2082

CVE-2016-2082 affects VMware vRealize Log Insight 2.x and 3.x prior to 3.3.2. The issue is a cross-site request forgery (CSRF/XSRF) vulnerability that can hijack an authenticated user’s session. The root cause is insufficient CSRF protection for certain actions. A remediation present in the conne...