CVE-2022-31699

Summary

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aVMware ESXi, VMware Cloud FoundationVMware ESXi (7.0 prior to ESXi70U3si-20841705, 6.7 prior to ESXi670-202210101-SG, 6.5 prior to ESXi650-202210101-SG), VMware Cloud Foundation (4.x, 3.x)affected

Weaknesses

  • Heap overflow issues via vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References