VMware vRealize Log Insight 8.x < 8.10.2 Mutliple Vulnerabilities (VMSA-2023-0001)

The VMware vRealize Log Insight application running on the remote host is 8.x prior to 8.10.2. It is, therefore, affected by multiple vulnerabilities, including: - An unspecified directory traversal vulnerability. CVE-2022-31706 - An unspecified broken access control vulnerability. CVE-2022-31704...

CVE-2022-31710

creationtimestamp| type| source ---|---|--- 2023-01-25 13:47:26+00:00| seen| https://t.me/truesecator/3983 2023-01-27 00:34:10+00:00| seen| https://t.me/cibsecurity/56956 2023-02-05 18:30:23+00:00| published-proof-of-concept| https://t.me/MrVGunz/683 2025-04-01 15:32:32+00:00| seen|...

CVE-2022-31710

vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service...

CVE-2022-31710

CVE-2022-31710 affects VMware vRealize Log Insight and is caused by a deserialization vulnerability that an unauthenticated attacker can trigger remotely to cause a DoS. The vulnerability is part of a set of flaws in vRealize Log Insight (8.x) that VMware addressed in version 8.10.2 under VMSA-20...