CVE-2022-31710

7.5HIGH

Key Information

Vendor: Vmware
Status: Vrealize Log Insight (vrli)
Vendor: CVE Published:; 26 January 2023

Summary

vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service.

Affected Version(s)

vRealize Log Insight (vRLI) = vRealize Log Insight 8.10.1 and prior

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jan 26, 2023
Vulnerability Reserved.
May 25, 2022

Collectors

NVD DatabaseMitre Database