VMware warns of critical code execution bugs in vRealize Log Insight

The other flaws fixed by VMware are:CVE-2022-31710 – Deserialization Vulnerability (CVSS score 7.5) that can be exploited by a remote attacker to trigger the deserialization of untrusted data which could result in a denial of service. CVE-2022-31711 – Information Disclosure Vulnerability (CVSS score 7.5) which can be exploited by a remote attacker to collect sensitive session and application information without authentication. A critical vulnerability in VMware vRealize Log Insight appliance can allow an unauthenticated attacker to take full control of a target system.