Security Filter Misconfiguration in VMware Hyperic Server
CVE-2022-38651

9.8CRITICAL

Key Information:

Vendor: Vmware
Status: Hyperic Server
Vendor: CVE Published:; 12 November 2022

What is CVE-2022-38651?

A security filter misconfiguration in VMware Hyperic Server 5.8.6 allows unauthorized users to bypass authentication for certain requests. This vulnerability specifically affects unsupported products, putting sensitive information at risk. Organizations using this version should take immediate actions to mitigate potential threats resulting from exploitation.

References

https://www.cyber.gov.au/acsc/view-all-content/alerts/mul...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2022
Vulnerability Reserved
Aug 22, 2022

Vmware

What is CVE-2022-38651?

References

CVSS V3.1

Timeline