CVE-2022-31674

CWE-532Log File Information ExposureCWE-200Information Exposure4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 49.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Vrealize Operations
Timeline
PublishedAug 10
Latest updateAug 11

Description

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDvmware/vrealize_operations8.0.08.6.4
CVEListV5vmware_vrealize_operationsVMware vRealize Operations (8.x prior to 8.6.4)

Patches

Patch: www.vmware.comPatch: www.vmware.com

🔴Vulnerability Details

2
GHSA
GHSA-9rcx-r2cj-mhvq: VMware vRealize Operations contains an information disclosure vulnerability2022-08-11
CVEList
CVE-2022-31674: VMware vRealize Operations contains an information disclosure vulnerability2022-08-09

📋Vendor Advisories

1
VMware
VMware vRealize Operations contains multiple vulnerabilities2022-08-09