Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-23-114
HistoryFeb 09, 2023 - 12:00 a.m.

VMware vRealize Log Insight addClusterCACertificate Deserialization of Untrusted Data Denial-of-Service Vulnerability

2023-02-0900:00:00
Anonymous
www.zerodayinitiative.com
7
vmware
vrealize log insight
addclustercacertificate
deserialization
untrusted data
denial-of-service

0.001 Low

EPSS

Percentile

40.2%

JSON

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of VMware vRealize Log Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists within the addClusterCACertificate function. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Related

cvelist 1
nvd 1
cve 1
prion 1
thn 1
nessus 1
vmware 1
cvelist
cvelist
CVE-2022-31710
2023-01-25 00:00:00
nvd
nvd
CVE-2022-31710
2023-01-26 21:15:38
cve
cve
CVE-2022-31710
2023-01-26 21:15:38
prion
prion
Deserialization of untrusted data
2023-01-26 21:15:00
thn
thn
VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities
2023-01-25 07:07:00
nessus
nessus
VMware vRealize Log Insight 8.x < 8.10.2 Mutliple Vulnerabilities (VMSA-2023-0001)
2023-01-26 00:00:00
vmware
vmware
VMware vRealize Log Insight latest updates address multiple security vulnerabilities (CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711)
2023-01-24 00:00:00

0.001 Low

EPSS

Percentile

40.2%

JSON
Related for ZDI-23-114
cvelist1nvd1cve1prion1thn1nessus1vmware1