Lucene search
+L

140 matches found

OSV
OSV
added 2022/07/12 9:15 p.m.5 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS5.7AI score0.00409EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.4 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS5AI score0.00409EPSS
Exploits0References2
NVD
NVD
added 2022/07/12 9:15 p.m.31 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS0.00409EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.3 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS5AI score0.00409EPSS
Exploits0References2
Prion
Prion
added 2022/07/12 9:15 p.m.20 views

Cross site scripting

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

3.5CVSS5.1AI score0.00409EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/07/12 9:15 p.m.21 views

Cross site scripting

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

3.5CVSS5.1AI score0.00409EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/07/12 8:44 p.m.73 views

CVE-2022-31655

CVE-2022-31655 affects VMware vRealize Log Insight before 8.8.2. The issue is a stored cross-site scripting vulnerability caused by improper input sanitization in alerts, as documented by Red Hat, NVD, and VMware advisories. The vulnerability arises in the alert configuration/input path and can b...

5.4CVSS5.1AI score0.00409EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/12 8:44 p.m.38 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2022/07/12 8:43 p.m.93 views

CVE-2022-31654

CVE-2022-31654 affects VMware vRealize Log Insight prior to 8.8.2. The issue is a stored cross-site scripting (XSS) vulnerability caused by improper input sanitization in configurations, enabling malicious input to be stored and potentially executed in the context of an admin-facing interface. Th...

5.4CVSS5.1AI score0.00409EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.6 views

VMware vRealize Log Insight 跨站脚本漏洞

VMware vRealize Log Insight is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A cross-site scripting vulnerability exists in VMware vRealize Log Insight versions prior to 8.8.2, which stems from improper input escaping i...

5.4CVSS5.4AI score0.00409EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.8 views

VMware vRealize Log Insight 跨站脚本漏洞

VMware vRealize Log Insight is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A cross-site scripting vulnerability exists in VMware vRealize Log Insight versions prior to 8.8.2, which stems from improper input escaping i...

5.4CVSS5.4AI score0.00409EPSS
Exploits0References4
VMware
VMware
added 2021/12/10 12:0 a.m.62 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products Under Evaluation VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Proxy VMware vRealize Automation VMware...

9.3CVSS0.4AI score0.99999EPSS
Exploits359References4Affected Software51
VMware
VMware
added 2021/12/10 12:0 a.m.110 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3CVSS0.4AI score0.99999EPSS
Exploits361References4Affected Software55
CNVD
CNVD
added 2021/10/14 12:0 a.m.23 views

VMware vRealize Log Insight CSV注入漏洞漏洞

VMware vRealize Log Insight is a centralized log management solution from Vmware, Inc. VMware vRealize Log Insight is vulnerable to a CSV injection vulnerability that allows an authenticated attacker to embed untrusted data through CSV tables...

4.3CVSS3AI score0.00553EPSS
Exploits0References1
Prion
Prion
added 2021/10/13 4:15 p.m.17 views

Design/Logic Flaw

VMware vRealize Log Insight 8.x prior to 8.6 contains a CSVComma Separated Value injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log...

4CVSS4.6AI score0.00553EPSS
Exploits0References1Affected Software3
CNNVD
CNNVD
added 2021/10/13 12:0 a.m.6 views

Vmware VMware vRealize Log Insight 注入漏洞

VMware vRealize Log Insight is a centralized log management solution from Vmware, Inc. VMware vRealize Log Insight is vulnerable to a CSV injection vulnerability that allows an authenticated attacker to embed untrusted data through CSV tables...

4.3CVSS5.6AI score0.00553EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.9 views

vmware VMware vRealize Operations 代码问题漏洞

vmware VMware vRealize Operations is an application from vmware, Inc. A unified, AI-based platform for private, hybrid, and multi-cloud environments that delivers IT operations management on autopilot. A code issue vulnerability exists in VMware vRealize Log Insight that stems from insufficient...

4CVSS5.2AI score0.00588EPSS
Exploits0References6
VMware
VMware
added 2021/10/10 12:0 a.m.49 views

VMSA-2021-0022:VMware vRealize Log Insight updates address CSV injection vulnerability

Advisory ID: VMSA-2021-0022 CVSSv3 Range: 6.5 Issue Date:2021-10-12 Updated On: 2021-10-12 Initial Advisory CVEs: CVE-2021-22035 Synopsis: VMware vRealize Log Insight updates address CSV injection vulnerability CVE-2021-22035 RSS Feed Download PDF Download Text File Share this page on social medi...

4.3CVSS4.8AI score0.00553EPSS
Exploits0References24Affected Software3
NVD
NVD
added 2021/08/30 7:15 p.m.43 views

CVE-2021-22021

VMware vRealize Log Insight 8.x prior to 8.4 contains a Cross Site Scripting XSS vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared...

5.4CVSS0.00468EPSS
Exploits0References1
OSV
OSV
added 2021/08/30 7:15 p.m.4 views

CVE-2021-22021

VMware vRealize Log Insight 8.x prior to 8.4 contains a Cross Site Scripting XSS vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared...

5.4CVSS5.8AI score0.00468EPSS
Exploits0References1
Rows per page
Query Builder