Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)

data breach

malware

AI generated Image

VMware has fixed two critical (CVE-2022-31706, CVE-2022-31704) and two important (CVE-2022-31710, CVE-2022-31711) security vulnerabilities in VMware vRealize Log Insight, its multi-cloud solution for centralized log management, operational visibility and intelligent analytics. CVE-2022-31710 is a deserialization vulnerability that can be triggered remotely to cause denial of service, and CVE-2022-31711 is an information disclosure flaw that attackers can exploit to remotely collect sensitive session and application information without authentication. All four can be fixed by updating VMware vRealize Log Insight – recently renamed to VMware Aria Operations for Logs – to the latest available version (v8.10.2).

Source read time: 1 min - helpnetsecurity.com

Also offered in: Nederlands

More news for you