1. CVE-Search
  2. CVE-2022-31704
ID CVE-2022-31704
Summary The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:vmware:vrealize_log_insight:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:4.8:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:vrealize_log_insight:8.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:vrealize_log_insight:8.8.2:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 11-09-2023 - 19:15
Published 26-01-2023 - 21:15
Last modified 11-09-2023 - 19:15
Back to Top