Privilege Escalation Vulnerability in VMware vRealize Operations
CVE-2022-31672

7.2HIGH

Key Information:

Vendor: Vmware
Status: Vmware Vrealize Operations
Vendor: CVE Published:; 10 August 2022

What is CVE-2022-31672?

VMware vRealize Operations is affected by a privilege escalation vulnerability that allows an attacker with administrative network access to gain root privileges. This vulnerability can lead to unauthorized access and potential system compromises if exploited. Organizations utilizing this software should review their security configurations and apply necessary updates to mitigate risks associated with this issue. For detailed information, refer to the security advisory on VMware's official site.

Affected Version(s)

VMware vRealize Operations VMware vRealize Operations (8.x prior to 8.6.4)

References

https://www.vmware.com/security/advisories/VMSA-2022-0022...

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 10, 2022
Vulnerability Reserved
May 25, 2022

Vmware

What is CVE-2022-31672?

Affected Version(s)

References

CVSS V3.1

Timeline