CVE-2022-31698

Summary

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vCenter Server, VMware Cloud FoundationVMware (7.0 prior to 7.0 U3i, 6.7 prior to 6.7.0 U3s, 6.5 prior to 6.5 U3u), VMware Cloud Foundation (4.x, 3.x)affected

Weaknesses

  • Denial of service vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References