Logging systems running VMware's vRealize Log could come under attack. Two of the security vulnerabilities are particularly dangerous because attackers could use them to execute malicious code. A patched version is available for download. Admins have to secure older versions with a workaround.
With vRealize Log, admins record data traffic in cloud and network environments for analysis.
The gaps and their impact
According to an advisory, the developers have closed a total of four vulnerabilities (CVE-2022-31706 "critical", CVE-2022-31704 "critical", CVE-2022-31710 "high", CVE-2022-31711 "medium"). How attacks could proceed is so far unclear.
Attackers are said to be able to use the two critical vulnerabilities to push their own files into the system without authentication. This could result in the execution of malicious code. In addition, attackers could carry out DoS attacks and access information without authorization.
The solution
To fix these security issues, admins need to install vRealize Log 8.10.2. If you are still using older versions 3.x or 4.x, you should upgrade or secure systems with a workaround.