The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
vrealize_log_insight | ge | 3.0 | |
vrealize_log_insight | le | 4.8 | |
vrealize_log_insight | ge | 8.0.0 | |
vrealize_log_insight | lt | 8.10.2 |