Lucene search

Vrealize Log Insight Security Vulnerabilities - CVSS Score 5 - 6

cve

CVE-2016-5332

Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vectors.

5.3CVSS

5.9AI Score

0.003EPSS

2016-08-31 01:59 AM

cve

CVE-2021-22021

VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared das...

5.4CVSS

5.3AI Score

0.001EPSS

2021-08-30 07:15 PM

cve

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.

5.4CVSS

5.1AI Score

0.001EPSS

2022-07-12 09:15 PM

cve

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.

5.4CVSS

5.1AI Score

0.001EPSS

2022-07-12 09:15 PM

cve

CVE-2022-31711

VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication.

5.3CVSS

6.8AI Score

0.001EPSS

2023-01-26 09:15 PM