Search Results | AttackerKB

Show filters

Topics 2 Users 0

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Unknown

CVE-2022-31704

Disclosure Date: January 26, 2023 (last updated October 08, 2023)

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.

Attack Vector: Network Privileges: None User Interaction: None

1

Attacker Value

Very High

CVE-2022-31706

Disclosure Date: January 26, 2023 (last updated October 08, 2023)

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

Attack Vector: Network Privileges: None User Interaction: None

4