Multiple vulnerabilities in VMware vRealize Log Insight were privately reported to VMware. These vulnerabilities affect users of VMware’s vRealize Log Insight, a log collection and analytics virtual appliance used by administrators to collect, view, manage and analyze syslog data. Updates and workarounds are available to address these vulnerabilities in affected VMware products.
VMware on Tuesday shipped its first security bulletin for 2023 with patches for multiple critical-level flaws that expose businesses to remote code execution attacks. The company said the most serious of the four documented flaws carry a CVSS severity score of 9.8 out of 10, adding to the urgency for organizations to apply available patches as soon as possible.
According to an advisory from VMware, several flaws have been identified in vRealize Log Insight, including directory traversal and broken access control issues, that have dangerous implications. These vulnerabilities, identified as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711, could allow an unauthenticated, malicious actor to inject files into the operating system of an impacted appliance, resulting in remote code execution.
In addition to these vulnerabilities, VMware also shipped fixes for a separate deserialization vulnerability that exposes vRealize Log Insight users to denial-of-service attacks, as well as an information disclosure issue that allowed attackers to remotely collect sensitive session and application information without authentication.
Response Matrix
| Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| VMware vRealize Log Insight | 8.x | Any | CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711 | 9.8, 9.8, 7.5, 5.3 | Critical | 8.10.2 | KB90635 | None |
| VMware Cloud Foundation (VMware vRealize Log Insight) | 4.x, 3.x | Any | CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711 | 9.8, 9.8, 7.5, 5.3 | Critical | KB90668 | KB90635 | None |
In conclusion, it is highly recommended that all organizations using VMware vRealize Log Insight apply the patches as soon as possible to protect against the potential exploitation of these vulnerabilities. Regularly monitoring your systems for any signs of suspicious activity and keeping your software up to date is key to maintaining the security of your network.
🔥Subscribe to the channel: https://bit.ly/3vY16CT🔥
🚨Read my blog: https://angrysysops.com/
👊Twitter: https://twitter.com/AngrySysOps
👊Facebook: https://www.facebook.com/AngrySysOps
👊My Podcast: https://bit.ly/39fFnxm
👊Mastodon: https://techhub.social/@AngryAdmin
🔥vExpert info: https://bit.ly/3vXGPOa
🛒 VMware EMEA store: https://imp.i263671.net/c/3505578/814646/11461
🛒 VMware US store: https://imp.i263671.net/c/3505578/814642/11461
🛒 VMware APAC store: https://imp.i263671.net/c/3505578/814645/11461
