CVE-2022-22939
published 2022-02-04CVE-2022-22939: VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC…
medium4.9CVSS 3.1
AVNACLPRHUINSUCHINAN
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | 3.0 – 3.10.2.2 | — |
| vmware | cloud_foundation | 4.0 – 4.1.0.1 | — |