Vmware Vrealize_log_insight

15 CVEs affecting Vmware Vrealize_log_insight. Latest disclosed: 2023-01-26. Critical: 2, High: 4.

Top CVEs affecting Vmware Vrealize_log_insight
CVESeverityScorePublishedSummary
CVE-2022-31706Critical9.82023-01-26The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an imp…
CVE-2022-31704Critical9.82023-01-26The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an…
CVE-2016-2082High8.82016-07-03Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of…
CVE-2022-31710High7.52023-01-26vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data wh…
CVE-2022-31703High7.52022-12-14The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an imp…
CVE-2018-6980High7.22018-11-13VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method…
CVE-2020-3954Medium6.12020-04-15Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation.
CVE-2016-2081Medium6.12016-07-03Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML…
CVE-2022-31655Medium5.42022-07-12VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.
CVE-2022-31654Medium5.42022-07-12VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.
CVE-2021-22021Medium5.42021-08-30VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user…
CVE-2022-31711Medium5.32023-01-26VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application informat…
CVE-2016-5332Medium5.32016-08-31Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vecto…
CVE-2020-3953Medium4.82020-04-15Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation.
CVE-2021-22035Medium4.32021-10-13VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authe…