CVE-2022-31678

Summary

VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Cloud Foundation (NSX-V)3.11affected

Weaknesses

  • VMware Cloud Foundation contains an XML External Entity (XXE)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References