VDB
CVE-2022-22948
CVE-2022-22948
PUBLISHED
KEV
Es existiert eine Schwachstelle in VMware vCenter Server und VMware Cloud Foundation. Der Fehler besteht aufgrund einer unsachgemäßen Berechtigung von Dateien. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.
EPSS 26.01% · 96.4th percentile
Risk Scores
EPSS Score
26.01%
96.4th percentile
Exploit Intelligence
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc-repo)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc-repo)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc-repo)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc-repo)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc-repo)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc-repo)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc)
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter (github-poc)
…and 20 more exploits
Timeline
- Mar 29, 2022 CVE Published
- Mar 30, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Aug 30, 2022 EPSS Score
- Oct 20, 2022 EPSS Score
- Nov 2, 2022 PoC Published
- Dec 10, 2022 EPSS Score
- Feb 17, 2023 EPSS Score
- Mar 21, 2023 EPSS Score
- Jul 1, 2023 EPSS Score
- Oct 10, 2023 EPSS Score
- Nov 30, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-1449.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1449 advisory
- https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass advisory
- https://www.vmware.com/security/advisories/VMSA-2022-0009.html advisory