CVE-2018-6980
N/A
N/A
Summary
VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method. Successful exploitation of this issue may allow Admin users with view only permission to perform certain administrative functions which they are not allowed to perform.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VMware | VMware vRealize Log Insight | VVMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) | affected |
Weaknesses
- Authorization bypass vulnerability
ADP Enrichment
CVE Program Container
Additional References
- https://www.vmware.com/security/advisories/VMSA-2018-0028.html
- http://www.securityfocus.com/bid/105925
References
- https://www.vmware.com/security/advisories/VMSA-2018-0028.html
- http://www.securityfocus.com/bid/105925
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.