{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2023-003.pdf"
    },
    "title": "Critical Vulnerability in VMware vRealize Log Insight",
    "serial_number": "2023-003",
    "publish_date": "26-01-2023 10:55:00",
    "description": "On January 24, 2023, VMware released a new security advisory revealing multiple vulnerabilities in VMware vRealize Log Insight. These include two critical vulnerabilities: a directory traversal vulnerability (CVE-2022-31706) and a broken access control vulnerability (CVE-2022-31704). Both have a CVSS score of 9.8 out of 10. <br>It is highly recommended to apply the latest version.",
    "url_title": "2023-003",
    "content_markdown": "---\ntitle: 'Critical Vulnerability in VMware vRealize Log Insight'\nversion: '1.0'\nnumber: '2023-003'\noriginal_date: 'January 24, 2023'\ndate: 'January 26, 2023'\n---\n\n_History:_\n\n* _26/01/2023 --- v1.0 -- Initial publication_\n  \n# Summary\n\nOn January 24, 2023, VMware released a new security advisory revealing multiple vulnerabilities in VMware vRealize Log Insight [1]. These include two critical vulnerabilities: a directory traversal vulnerability (`CVE-2022-31706`) and a broken access control vulnerability (`CVE-2022-31704`). Both have a CVSS score of 9.8 out of 10.\n\nIt is highly recommended to apply the latest version.\n\n# Technical Details\n\nBy exploiting these critical vulnerabilities, an unauthenticated actor can inject files into the operating system of an impacted appliance and could achieve remote code execution.\n\n# Affected Products\n\n* VMware vRealize Log Insight 8.x\n* VMware Cloud Foundation (VMware vRealize Log Insight) 4.x, 3.x\n\n# Recommendations\n\nCERT-EU highly recommends applying the latest version or the workarounds provided by VMware [1].\n\n# References\n\n[1] <https://www.vmware.com/security/advisories/VMSA-2023-0001.html>",
    "content_html": "<p><em>History:</em></p><ul><li><em>26/01/2023 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On January 24, 2023, VMware released a new security advisory revealing multiple vulnerabilities in VMware vRealize Log Insight [1]. These include two critical vulnerabilities: a directory traversal vulnerability (<code>CVE-2022-31706</code>) and a broken access control vulnerability (<code>CVE-2022-31704</code>). Both have a CVSS score of 9.8 out of 10.</p><p>It is highly recommended to apply the latest version.</p><h2 id=\"technical-details\">Technical Details</h2><p>By exploiting these critical vulnerabilities, an unauthenticated actor can inject files into the operating system of an impacted appliance and could achieve remote code execution.</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>VMware vRealize Log Insight 8.x</li><li>VMware Cloud Foundation (VMware vRealize Log Insight) 4.x, 3.x</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU highly recommends applying the latest version or the workarounds provided by VMware [1].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.vmware.com/security/advisories/VMSA-2023-0001.html\">https://www.vmware.com/security/advisories/VMSA-2023-0001.html</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}