CVE-2022-31711

5.3MEDIUM

Key Information:

Vendor: Vmware
Status: Vrealize Log Insight (vrli)
Vendor: CVE Published:; 25 January 2023

Summary

VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication.

Affected Version(s)

vRealize Log Insight (vRLI) vRealize Log Insight 8.10.1 and prior

References

https://www.vmware.com/security/advisories/VMSA-2023-0001...

http://packetstormsecurity.com/files/174606/VMware-vReali...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 25, 2023
Vulnerability Reserved
May 25, 2022