Lucene search
K

172 matches found

CVE
CVE
added 2022/12/14 12:0 a.m.93 views

CVE-2022-31703

The CVE-2022-31703 entry concerns a Directory Traversal Vulnerability in VMware products that, per the documents, allows an unauthenticated attacker to inject files into the operating system of VMware vRealize Log Insight (and related vRNI REST API endpoints), potentially leading to remote code e...

7.5CVSS8AI score0.01792EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/14 12:0 a.m.37 views

CVE-2022-31703

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution...

8.6AI score0.01792EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.5 views

PT-2022-5903 · Vmware · Vrealize Log Insight +1

Name of the Vulnerable Software and Affected Versions: vRealize Log Insight affected versions not specified vRealize Network Insight affected versions not specified Description: The issue concerns a Directory Traversal Vulnerability in the vRealize Log Insight and vRealize Network Insight. This...

7.8CVSS7.7AI score0.01792EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2022/08/16 12:0 a.m.6 views

The export function of the vRealize Log Insight management tool is vulnerable, allowing attackers to compromise the integrity of the protected information.

The vulnerability of the export function of the vRealize Log Insight management tool exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

4.3CVSS5.5AI score0.00553EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.7 views

The vulnerability of the log management tool vRealize Log Insight, related to the lack of security measures for the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the vRealize Log Insight log management tool is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00376EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.7 views

The vulnerability of the log file management tool vRealize Log Insight, related to the lack of security measures for website structures, allows attackers to perform cross-site scripting attacks.

The vulnerability of the log file management tool vRealize Log Insight is related to the lack of security measures for the website structure. Exploiting this vulnerability could allow a malicious actor to perform a cross-site scripting attack remotely...

6.4CVSS5.6AI score0.00376EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/07/14 12:0 a.m.33 views

VMware vRealize Log Insight 8.x < 8.8.2 XSS (VMSA-2022-0019)

The VMware vRealize Log Insight application running on the remote host is 8.0.0 or later but prior to 8.8.2. It is, therefore, affected by multiple XSS vulnerabilities. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C...

5.4CVSS5.6AI score0.00376EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.2 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS5AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2022/07/12 9:15 p.m.3 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS5.7AI score0.00376EPSS
Exploits0References1
NVD
NVD
added 2022/07/12 9:15 p.m.16 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS0.00376EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.3 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS5AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2022/07/12 9:15 p.m.4 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS5.7AI score0.00376EPSS
Exploits0References1
NVD
NVD
added 2022/07/12 9:15 p.m.30 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS0.00376EPSS
Exploits0References1
Prion
Prion
added 2022/07/12 9:15 p.m.19 views

Cross site scripting

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

3.5CVSS5.1AI score0.00376EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/07/12 9:15 p.m.20 views

Cross site scripting

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

3.5CVSS5.1AI score0.00376EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/07/12 8:44 p.m.73 views

CVE-2022-31655

CVE-2022-31655 affects VMware vRealize Log Insight before 8.8.2. The issue is a stored cross-site scripting vulnerability caused by improper input sanitization in alerts, as documented by Red Hat, NVD, and VMware advisories. The vulnerability arises in the alert configuration/input path and can b...

5.4CVSS5.1AI score0.00376EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/12 8:44 p.m.34 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/12 8:43 p.m.22 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4AI score0.00376EPSS
Exploits0References1
CVE
CVE
added 2022/07/12 8:43 p.m.93 views

CVE-2022-31654

CVE-2022-31654 affects VMware vRealize Log Insight prior to 8.8.2. The issue is a stored cross-site scripting (XSS) vulnerability caused by improper input sanitization in configurations, enabling malicious input to be stored and potentially executed in the context of an admin-facing interface. Th...

5.4CVSS5.1AI score0.00376EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.7 views

VMware vRealize Log Insight 跨站脚本漏洞

VMware vRealize Log Insight is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A cross-site scripting vulnerability exists in VMware vRealize Log Insight versions prior to 8.8.2, which stems from improper input escaping i...

5.4CVSS5.4AI score0.00376EPSS
Exploits0References4
Rows per page
Query Builder