• VMware fixes four serious vRealize vulnerabilities

    13 days ago - By Tech Radar

    Virtualization giant VMware has released patches for four vulnerabilities in its vRealize Log Insight product, two of which have a “critical” severity rating. The critical pair are CVE-2022-31703 and CVE-2022-31704. The former is a directory traversal vulnerability, while the latter is a broken access control vulnerability. Both were given a 9.8 severity score, and both allow threat actors to access resources that should otherwise be inaccessible. "An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code...
    Read more ...