CVE-2021-22035
N/A
N/A
Summary
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | VMware vRealize Log Insight | VMware vRealize Log Insight (8.x prior to 8.6) | affected |
Weaknesses
- CSV injection vulnerability in Log Insight
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.