Lucene search
K
VmwareVrealize Log Insight*

5 matches found

CVE
CVE
added 2022/07/12 8:43 p.m.93 views

CVE-2022-31654

CVE-2022-31654 affects VMware vRealize Log Insight prior to 8.8.2. The issue is a stored cross-site scripting (XSS) vulnerability caused by improper input sanitization in configurations, enabling malicious input to be stored and potentially executed in the context of an admin-facing interface. Th...

5.4CVSS5.1AI score0.00409EPSS
CVE
CVE
added 2022/07/12 8:44 p.m.73 views

CVE-2022-31655

CVE-2022-31655 affects VMware vRealize Log Insight before 8.8.2. The issue is a stored cross-site scripting vulnerability caused by improper input sanitization in alerts, as documented by Red Hat, NVD, and VMware advisories. The vulnerability arises in the alert configuration/input path and can b...

5.4CVSS5.1AI score0.00409EPSS
CVE
CVE
added 2021/10/13 3:50 p.m.65 views

CVE-2021-22035

CVE-2021-22035 affects VMware vRealize Log Insight (8.x, prior to 8.6). A CSV injection vulnerability exists in the interactive analytics export function, allowing an authenticated user with non-administrative privileges to embed untrusted data in a CSV export, potentially executing in the user’s...

4.3CVSS4.5AI score0.00553EPSS
CVE
CVE
added 2020/04/15 5:20 p.m.54 views

CVE-2020-3953

CVE-2020-3953 (and CVE-2020-3954) affect VMware vRealize Log Insight prior to 8.1.0 (and 4.x) due to improper input validation. Root cause: input validation failure enabling Cross Site Scripting (XSS) in the UI. Impact described as stored XSS potentially allowing payloads to execute in other user...

4.8CVSS5.1AI score0.00653EPSS
CVE
CVE
added 2020/04/15 5:17 p.m.46 views

CVE-2020-3954

CVE-2020-3954 is an Open Redirect vulnerability in VMware vRealize Log Insight caused by improper input validation. The VMware VMSA-2020-0007 advisory and accompanying tables indicate impact on vRealize Log Insight 8.x (and 4.x) with Open Redirect exploitable via crafted URLs, enabling phishing-s...

6.1CVSS6.1AI score0.00774EPSS