Vmware Vrealize Log Insight — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Vrealize Log Insight, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2022-31704 — CVSS 9.8 (critical): The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into…
CVE-2022-31706 — CVSS 9.8 (critical): The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the…
CVE-2016-2082 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack…
CVE-2022-31703 — CVSS 7.5 (high): The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the…
CVE-2022-31710 — CVSS 7.5 (high): vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization…
CVE-2018-6980 — CVSS 7.2 (high): VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user…
CVE-2020-3954 — CVSS 6.1 (medium): Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation.
CVE-2016-2081 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject…
CVE-2021-22021 — CVSS 5.4 (medium): VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation…
CVE-2022-31654 — CVSS 5.4 (medium): VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input…
CVE-2022-31655 — CVSS 5.4 (medium): VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input…
CVE-2022-31711 — CVSS 5.3 (medium): VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and…
CVE-2016-5332 — CVSS 5.3 (medium): Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files…
CVE-2020-3953 — CVSS 4.8 (medium): Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation.
CVE-2021-22035 — CVSS 4.3 (medium): VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics…