Security Filter Misconfiguration in VMware Hyperic Server
CVE-2022-38651

9.8CRITICAL

Key Information:

Vendor: Vmware
Status: Hyperic Server
Vendor: CVE Published:; 12 November 2022

Summary

A security filter misconfiguration in VMware Hyperic Server 5.8.6 allows unauthorized users to bypass authentication for certain requests. This vulnerability specifically affects unsupported products, putting sensitive information at risk. Organizations using this version should take immediate actions to mitigate potential threats resulting from exploitation.

References

https://www.cyber.gov.au/acsc/view-all-content/alerts/mul...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2022
Vulnerability Reserved
Aug 22, 2022