Lucene search
VmwareVULNRICHMENT:CVE-2022-22948HistoryMar 29, 2022 - 5:24 p.m.
CVE-2022-22948
2022-03-2917:24:33
vmware
github.com
11
vcenter server
information disclosure
improper permissions
AI Score
6.5
Confidence
Low
EPSS
0.008
Percentile
81.6%
SSVC
Exploitation
active
Automatable
no
Technical Impact
total
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*"
],
"vendor": "vmware",
"product": "cloud_foundation",
"versions": [
{
"status": "affected",
"version": "4.0",
"lessThan": "5.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*"
],
"vendor": "vmware",
"product": "cloud_foundation",
"versions": [
{
"status": "affected",
"version": "3.0",
"lessThan": "3.11",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:7.0:*:*:*:*:*:*:*"
],
"vendor": "vmware",
"product": "vcenter_server",
"versions": [
{
"status": "affected",
"version": "7.0",
"lessThan": "7.0_u3d",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:6.7:*:*:*:*:*:*:*"
],
"vendor": "vmware",
"product": "vcenter_server",
"versions": [
{
"status": "affected",
"version": "6.7",
"lessThan": "6.7_u3p",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:6.5:*:*:*:*:*:*:*"
],
"vendor": "vmware",
"product": "vcenter_server",
"versions": [
{
"status": "affected",
"version": "6.5",
"lessThan": "6.5_u3r",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
attackerkb
attackerkb
CVE-2022-22948
2022-03-29 00:00:00
cnvd
cnvd
VMware vCenter Server Information Disclosure Vulnerability (CNVD-2022-55066)
2022-03-31 00:00:00
vmware
vmware
cisa_kev
cisa_kev
VMware vCenter Server Incorrect Default File Permissions Vulnerability
2024-07-17 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Default Permissions in Vmware Cloud Foundation
2021-10-17 09:59:20
nvd
nvd
CVE-2022-22948
2022-03-29 18:15:08
nessus
nessus
prion
prion
Information disclosure
2022-03-29 18:15:00
cvelist
cvelist
CVE-2022-22948
2022-03-29 17:24:33
metasploit
metasploit
VMware vCenter Secrets Dump
2022-08-06 18:01:56
cve
cve
CVE-2022-22948
2022-03-29 18:15:08
thn
thn
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
2024-06-19 15:09:00
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
2024-07-18 06:01:00
AI Score
6.5
Confidence
Low
EPSS
0.008
Percentile
81.6%
SSVC
Exploitation
active
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2022-22948