CVE-2022-31703

Summary

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

Affected Software

VendorProductVersion RangeStatus
n/avRealize Log Insight (vRLI)vRealize Log Insight 8.10.1 and prioraffected

Weaknesses

  • VMware vRealize Log Insight Directory Traversal Vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References