VDB
CVE-2022-31654
CVE-2022-31654
PUBLISHED
CVSS 5.400000095367432 MEDIUM
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.
EPSS 1.26% · 79.7th percentile
Risk Scores
CVSS v3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
1.26%
79.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| vmware | vrealize_log_insight | 0 |
| n/a | VMware vRealize Log Insight | VMware vRealize Log Insight prior to 8.8.2 |
Timeline
- Jul 12, 2022 CVE Published
- Jul 13, 2022 EPSS Score
- Aug 30, 2022 EPSS Score
- Oct 16, 2022 EPSS Score
- Dec 2, 2022 EPSS Score
- Jan 18, 2023 EPSS Score
- Mar 6, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 22, 2023 EPSS Score
- Jun 8, 2023 EPSS Score
- Jul 25, 2023 EPSS Score
- Sep 10, 2023 EPSS Score
References
- https://www.vmware.com/security/advisories/VMSA-2022-0018.html advisory
- https://www.vmware.com/security/advisories/VMSA-2022-0020.html advisory
- https://www.vmware.com/security/advisories/VMSA-2022-0019.html advisory
- https://www.vmware.com/security/advisories/VMSA-2021-0025.html advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-31654 advisory