all InfoSec news
Multiple vulnerabilities in VMware vRealize Log Insight Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
Multiple vulnerabilities have been discovered in VMware vRealize Log Insight, the most severe of which could allow for remote code execution. VMware vRealize Log Insight enables real-time logging for all components that build up the management capabilities of the SDDC. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete …
build capabilities code code execution context exploitation insight log logging management privileges remote code remote code execution vmware vmware vrealize log vmware vrealize log insight vrealize vrealize log insight vulnerabilities