Vmware Vrealize_log_insight
15 CVEs affecting Vmware Vrealize_log_insight. Latest disclosed: 2023-01-26. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-31706 | Critical | 9.8 | 2023-01-26 | The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an imp… |
CVE-2022-31704 | Critical | 9.8 | 2023-01-26 | The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an… |
CVE-2016-2082 | High | 8.8 | 2016-07-03 | Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of… |
CVE-2022-31710 | High | 7.5 | 2023-01-26 | vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data wh… |
CVE-2022-31703 | High | 7.5 | 2022-12-14 | The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an imp… |
CVE-2018-6980 | High | 7.2 | 2018-11-13 | VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method… |
CVE-2020-3954 | Medium | 6.1 | 2020-04-15 | Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation. |
CVE-2016-2081 | Medium | 6.1 | 2016-07-03 | Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML… |
CVE-2022-31655 | Medium | 5.4 | 2022-07-12 | VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts. |
CVE-2022-31654 | Medium | 5.4 | 2022-07-12 | VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations. |
CVE-2021-22021 | Medium | 5.4 | 2021-08-30 | VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user… |
CVE-2022-31711 | Medium | 5.3 | 2023-01-26 | VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application informat… |
CVE-2016-5332 | Medium | 5.3 | 2016-08-31 | Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vecto… |
CVE-2020-3953 | Medium | 4.8 | 2020-04-15 | Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation. |
CVE-2021-22035 | Medium | 4.3 | 2021-10-13 | VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authe… |