{"uuid": "73df1864-a346-4fa7-aa7d-4cb952eeb632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22948", "type": "published-proof-of-concept", "source": "https://t.me/ARC15INFO/295", "content": "CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter.\n\nNew zero-day vulnerability joins a chain of recently discovered vulnerabilities capable of operating an end-to-end attack on ESXi. Organizations should evaluate risk and apply vCenter client patches immediately.\n\n\ud83c\udf00 Executive Summary\n\nPentera Labs\u2019 Senior Security Researcher, Yuval Lazar, discovered an Information Disclosure vulnerability impacting more than 500,000 appliances running default vCenter Server deployments.\n\nThis finding is critical given its potential global impact. According to VMware \u2013 more than 80 percent of virtualized workloads are running on VMware technology, including 100 percent of Fortune 500 and Fortune Global 100 companies.\n\nhttps://www.pentera.io/blog/information-disclosure-in-vmware-vcenter/\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}