4 matches found
VMware vRealize Log Insight 8.x < 8.10.2 Mutliple Vulnerabilities (VMSA-2023-0001)
The VMware vRealize Log Insight application running on the remote host is 8.x prior to 8.10.2. It is, therefore, affected by multiple vulnerabilities, including: - An unspecified directory traversal vulnerability. CVE-2022-31706 - An unspecified broken access control vulnerability. CVE-2022-31704...
CVE-2022-31706
creationtimestamp| type| source ---|---|--- 2023-01-25 08:13:57+00:00| seen| https://t.me/thehackernews/2984 2023-01-25 13:14:27+00:00| seen| https://t.me/ctinow/89091 2023-01-26 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=955 2023-01-31 20:47:42+00:00| seen|...
Update vRealize now! VMware patches critical RCE vulnerabilities
VMware has issued a security advisory for vRealize Log Insight that covers four vulnerabilities reported privately by the Zero Day Initiative ZDI. Two of these vulnerabilities are rated as critical. The issues have been fixed on vRealize Log Insight 8.10.2, so users should upgrade to the latest...
CVE-2022-31706
VMware vRealize Log Insight (now VMware Aria Operations for Logs) contains CVE-2022-31706: a directory traversal flaw that allows an unauthenticated attacker to inject files into the appliance OS, leading to remote code execution. Affected release series are 8.x prior to 8.10.2, with the vendor a...