Skip to main content

Vrealize Log Insight

11 CVEs product

Monthly

CVE-2022-31703 HIGH This Week

The vRealize Log Insight contains a Directory Traversal Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Vrealize Log Insight
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-31655 MEDIUM PATCH This Month

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

VMware XSS Vrealize Log Insight
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-31654 MEDIUM PATCH This Month

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

VMware XSS Vrealize Log Insight
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2021-22035 MEDIUM PATCH This Month

VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Code Injection VMware Cloud Foundation Vrealize Log Insight Vrealize Suite Lifecycle Manager
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-22021 MEDIUM PATCH This Month

VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS VMware Cloud Foundation Vrealize Log Insight
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-3954 MEDIUM This Month

Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect VMware Vrealize Log Insight
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-3953 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS VMware Vrealize Log Insight
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2018-6980 HIGH PATCH This Week

VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass VMware Vrealize Log Insight
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2016-5332 MEDIUM PATCH This Month

Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal VMware Vrealize Log Insight
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-2082 HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF VMware Vrealize Log Insight
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-2081 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS VMware Vrealize Log Insight
NVD
CVSS 3.0
6.1
EPSS
0.2%
EPSS 2% CVSS 7.5
HIGH This Week

The vRealize Log Insight contains a Directory Traversal Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Vrealize Log Insight
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

VMware XSS Vrealize Log Insight
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

VMware XSS Vrealize Log Insight
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Code Injection VMware Cloud Foundation +2
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS VMware Cloud Foundation +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect VMware Vrealize Log Insight
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS VMware Vrealize Log Insight
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass VMware Vrealize Log Insight
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal VMware Vrealize Log Insight
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF VMware Vrealize Log Insight
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS VMware Vrealize Log Insight
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy