Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2022-31706

Published: 26/01/2023 Updated: 01/02/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Subscribe to Vmware

Vulnerability Summary

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware vrealize log insight

Github Repositories

CVE-2022-31706 The vRealize Log Insight contains a Directory Traversal Vulnerability An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution authentication complexity vector not available not available not available confidentiality integrity availability not available no

VMSA-2023-0001 POC for VMSA-2023-0001 affecting VMware vRealize Log Insight which includes the following CVEs: VMware vRealize Log Insight Directory Traversal Vulnerability (CVE-2022-31706) VMware vRealize Log Insight broken access control Vulnerability (CVE-2022-31704) VMware vRealize Log Insight contains an Information Disclosure Vulnerability (CVE-2022-31711) The default c

References

CWE-22https://www.vmware.com/security/advisories/VMSA-2023-0001.htmlhttps://github.com/Live-Hack-CVE/CVE-2022-31706https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-26498open redirectCVE-2023-22261CVE-2023-1410path traversalCVE-2023-28759cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook