CVE-2022-31710

Summary

vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service.

Affected Software

VendorProductVersion RangeStatus
n/avRealize Log Insight (vRLI)vRealize Log Insight 8.10.1 and prioraffected

Weaknesses

  • VMware vRealize Log Insight Deserialization Vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References