VMware fixes four serious vRealize vulnerabilities

Virtualization giant VMware has released patches for four vRealize Log Insight vulnerabilities, two of which are rated “critical” severity.

The critical pair is CVE-2022-31703 and CVE-2022-31704. The first is a directory browsing vulnerability and the second is a broken access control vulnerability. Both received a severity rating of 9.8 and both allow cybercriminals to access resources that would otherwise be inaccessible.

Leave a Reply

Your email address will not be published. Required fields are marked *