CVE-2022-22939

Summary

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Cloud FoundationVMware Cloud Foundation 4.x (before 4.3.1.1) and 3.xaffected

Weaknesses

  • VMware Cloud Foundation updates address an information disclosure vulnerability.

ADP Enrichment

CVE Program Container

Additional References

References