A vulnerability has been discovered in VMware’s vRealize Log Insight

Multiple vulnerabilities in VMware vRealize Log Insight were privately reported to VMware. These vulnerabilities affect users of VMware’s vRealize Log Insight, a log collection and analytics virtual appliance used by administrators to collect, view, manage and analyze syslog data. Updates and workarounds are available to address these vulnerabilities in affected VMware products.

VMware on Tuesday shipped its first security bulletin for 2023 with patches for multiple critical-level flaws that expose businesses to remote code execution attacks. The company said the most serious of the four documented flaws carry a CVSS severity score of 9.8 out of 10, adding to the urgency for organizations to apply available patches as soon as possible.

According to an advisory from VMware, several flaws have been identified in vRealize Log Insight, including directory traversal and broken access control issues, that have dangerous implications. These vulnerabilities, identified as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711, could allow an unauthenticated, malicious actor to inject files into the operating system of an impacted appliance, resulting in remote code execution.

In addition to these vulnerabilities, VMware also shipped fixes for a separate deserialization vulnerability that exposes vRealize Log Insight users to denial-of-service attacks, as well as an information disclosure issue that allowed attackers to remotely collect sensitive session and application information without authentication.

Response Matrix

ProductVersionRunning OnCVE IdentifierCVSSv3SeverityFixed VersionWorkaroundsAdditional Documentation
VMware vRealize Log Insight8.xAnyCVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-317119.8, 9.8, 7.5, 5.3Critical 8.10.2KB90635None
VMware Cloud Foundation (VMware vRealize Log Insight)4.x, 3.xAnyCVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-317119.8, 9.8, 7.5, 5.3Critical KB90668KB90635None

In conclusion, it is highly recommended that all organizations using VMware vRealize Log Insight apply the patches as soon as possible to protect against the potential exploitation of these vulnerabilities. Regularly monitoring your systems for any signs of suspicious activity and keeping your software up to date is key to maintaining the security of your network.

🔥Subscribe to the channel: https://bit.ly/3vY16CT🔥

🚨Read my blog: https://angrysysops.com/

👊Twitter: https://twitter.com/AngrySysOps
👊Facebook: https://www.facebook.com/AngrySysOps
👊My Podcast: https://bit.ly/39fFnxm
👊Mastodon: https://techhub.social/@AngryAdmin

🔥vExpert info: https://bit.ly/3vXGPOa

🛒 VMware EMEA store: https://imp.i263671.net/c/3505578/814646/11461

🛒 VMware US store: https://imp.i263671.net/c/3505578/814642/11461

🛒 VMware APAC store: https://imp.i263671.net/c/3505578/814645/11461

Please leave the comment