Arbitrary File Read Vulnerability in VMware Aria Operations
CVE-2022-31682
4.9MEDIUM
Summary
VMware Aria Operations contains a vulnerability that allows an attacker with administrative privileges to access arbitrary files. This can lead to the exposure of sensitive data, posing a significant risk to data integrity and confidentiality. Organizations using this product should take immediate action to review their security configurations and apply necessary updates to mitigate the risk of unauthorized access to critical information.
Affected Version(s)
VMware Aria Operations VMware Aria Operations 8.x
References
CVSS V3.1
Score:
4.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved