Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vmwareVMwareVMSA-2022-0030
HistoryDec 08, 2022 - 12:00 a.m.

VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2022-31696, CVE-2022-31697, CVE-2022-31698, CVE-2022-31699)

2022-12-0800:00:00
www.vmware.com
455
vmware
esxi
vcenter server
updates
security
vulnerabilities
cve-2022-31696
cve-2022-31697
cve-2022-31698
cve-2022-31699
memory corruption
information disclosure
denial of service
openslp heap overflow

AI Score

5.4

Confidence

High

EPSS

0.009

Percentile

83.5%

JSON

3a. VMware ESXi memory corruption vulnerability (CVE-2022-31696)

VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.

3b. VMware vCenter Server information disclosure vulnerability (CVE-2022-31697)

The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.2.

3c. VMware vCenter Server content library denial of service vulnerability (CVE-2022-31698)

The vCenter Server contains a denial-of-service vulnerability in the content library service. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.8.

3d. VMware ESXi OpenSLP heap overflow vulnerability (CVE-2022-31699)

VMware ESXi contains a heap-overflow vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.2.

References

Related

malwarebytes 2
ibm 2
nessus 2
nvd 4
zdi 1
cvelist 4
prion 4
cve 4
talosblog 1
talos 1
malwarebytes
malwarebytes
New ESXiArgs encryption routine outmaneuvers recovery methods
2023-02-14 06:00:00
[update]Two year old vulnerability used in ransomware attack against VMware ESXi
2023-02-06 04:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in VMware vCenter affect IBM Cloud Pak System (CVE-2022-31697, CVE-2022-31698)
2023-03-31 14:35:22
Security Bulletin: Multiple vulnerabilities identified in VMWare ESXi shipped with IBM Cloud Pak System
2023-03-31 14:38:04
nessus
nessus
VMware vCenter Server 6.5 < 6.5 U3u / 6.7 < 6.7.0 U3s / 7.0 < 7.0 U3i Multiple Vulnerabilities (VMSA-2022-0030)
2022-12-15 00:00:00
ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0030)
2022-12-15 00:00:00
nvd
nvd
CVE-2022-31697
2022-12-13 16:15:19
CVE-2022-31696
2022-12-13 16:15:19
CVE-2022-31698
2022-12-13 16:15:19
zdi
zdi
VMware ESXi TCP/IP Memory Corruption Local Privilege Escalation Vulnerability
2022-12-21 00:00:00
cvelist
cvelist
CVE-2022-31696
2022-12-13 00:00:00
CVE-2022-31697
2022-12-13 00:00:00
CVE-2022-31699
2022-12-13 00:00:00
prion
prion
Information disclosure
2022-12-13 16:15:00
Memory corruption
2022-12-13 16:15:00
Heap overflow
2022-12-13 16:15:00
cve
cve
CVE-2022-31697
2022-12-13 16:15:19
CVE-2022-31696
2022-12-13 16:15:19
CVE-2022-31698
2022-12-13 16:15:19
talosblog
talosblog
Vulnerability Spotlight: Denial-of-service vulnerability discovered in VMWare vCenter
2022-12-13 16:51:39
talos
talos
VMware vCenter Server Content Library denial of service vulnerability
2022-12-13 00:00:00

AI Score

5.4

Confidence

High

EPSS

0.009

Percentile

83.5%

JSON
Related for VMSA-2022-0030
malwarebytes2ibm2nessus2nvd4zdi1cvelist4prion4cve4talosblog1talos1