VDB
CVE-2022-31655
CVE-2022-31655
PUBLISHED
CVSS 3.5 LOW
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.
EPSS 1.26% · 79.8th percentile
Risk Scores
CVSS 2.0
3.5
EPSS Score
1.26%
79.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | VMware vRealize Log Insight | VMware vRealize Log Insight prior to 8.8.2 |
| vmware | vrealize_log_insight | 0 |
Exploit Intelligence
Timeline
- Jul 12, 2022 CVE Published
- Jul 13, 2022 EPSS Score
- Aug 30, 2022 EPSS Score
- Oct 16, 2022 EPSS Score
- Dec 2, 2022 EPSS Score
- Jan 18, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 23, 2023 EPSS Score
- Jun 9, 2023 EPSS Score
- Jul 26, 2023 EPSS Score
- Sep 11, 2023 EPSS Score
- Oct 28, 2023 EPSS Score
References
- https://www.vmware.com/security/advisories/VMSA-2022-0018.html advisory
- https://www.vmware.com/security/advisories/VMSA-2022-0020.html advisory
- https://www.vmware.com/security/advisories/VMSA-2022-0019.html advisory
- https://www.vmware.com/security/advisories/VMSA-2021-0025.html advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-31655 advisory