VMware has released updates for a group of four vulnerabilities in its vRealize Log Insight logging platform, three of which can be combined to achieve remote code execution with root privileges. Researchers have developed a working exploit for the bug chain and are urging enterprises to install the patches as soon as possible. Now known as VMware Aria Operations for Logs, vRealize Log Insight makes it easier for VMware admins to analyse and manage terabytes of infrastructure and application logs.
The four critical vulnerabilities in vRealize Log Insight include a directory traversal flaw, an information disclosure bug, a broken access control bug, and a denial-of-service flaw. VMware released updates to address the bugs on Jan. 24, but now researchers at Horizon3 have developed a working exploit for the bugs and are planning to release a detailed technical analysis of the weaknesses and exploit soon.
VMware has advised that the vulnerabilities were addressed with VMware vRealize Log Insight 8.10.2.
Please read full VMware Security Advisory here.
Workaround Available
Workarounds for CVE-2022-31710 can be found in the 'Workaround' column of the 'Response Matrix' on this VMware advisory.
The company also shared a temporary fix for admins who cannot immediately deploy today's security updates in their environments.
Back to Top