Vulnerabilities > CVE-2022-31710 - Deserialization of Untrusted Data vulnerability in VMWare Vrealize LOG Insight

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
vmware
CWE-502
NVD
Published: 2023-01-26
Updated: 2023-02-01

Summary

vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service.

Vulnerable Configurations

Part Description Count
Application
Vmware
19

Common Weakness Enumeration (CWE)

References