VMware has patched four vulnerabilities that affect VMware vRealize Log Insight.
A remote attacker could exploit some of these vulnerabilities to take control of unpatched systems.
vRealize Log Insight provides intelligent log management for infrastructure and applications in any environment.
As noted in the VMware advisory VMSA-2023-0001, the security updates address multiple security vulnerabilities in VMware vRealize Log Insight. Two of the vulnerabilities are rated Critical (CVE-2022-31706, CVE-2022-31704), one High (CVE-2022-31710) and one Medium severity (CVE-2022-31711).
The CVSS base scores range between 5.3 and 9.8.
One of the patched Critical vulnerabilities is VMware vRealize Log Insight Directory Traversal Vulnerability (CVE-2022-31706), rated CVSS base score of 9.8.
“An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution,” VMware warned in the advisory.
Moreover, VMware fixed a Critical VMware vRealize Log Insight broken access control Vulnerability (CVE-2022-31704), rated CVSS base score of 9.8.
“An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution,” VMware added.
In addition, VMware also patched the following vRealize Log Insight vulnerabilities (with CVSS score):
- CVE-2022-31710: VMware vRealize Log Insight contains a Deserialization Vulnerability (CVSS 7.5)
- CVE-2022-31711: VMware vRealize Log Insight contains an Information Disclosure Vulnerability (CVSS 5.3).
- CISA adds Critical VMware Workspace ONE Access and Identity Manager vulnerability to Catalog of exploited vulnerabilities
- VMware Cloud Foundation update fixes Critical RCE vulnerability (CVE-2021-39144) with published exploit code
- VMware Tools update fixes local privilege escalation vulnerability (CVE-2022-31676)