Arbitrary File Read Vulnerability in VMware Aria Operations
CVE-2022-31682

4.9MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Aria Operations
Vendor: CVE Published:; 11 October 2022

What is CVE-2022-31682?

VMware Aria Operations contains a vulnerability that allows an attacker with administrative privileges to access arbitrary files. This can lead to the exposure of sensitive data, posing a significant risk to data integrity and confidentiality. Organizations using this product should take immediate action to review their security configurations and apply necessary updates to mitigate the risk of unauthorized access to critical information.

Affected Version(s)

VMware Aria Operations VMware Aria Operations 8.x

References

https://www.vmware.com/security/advisories/VMSA-2022-0026...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2022
Vulnerability Reserved
May 25, 2022

Vmware

What is CVE-2022-31682?

Affected Version(s)

References

CVSS V3.1

Timeline