Headline
CVE-2022-31672: VMSA-2022-0022
VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root.
Advisory ID: VMSA-2022-0022
CVSSv3 Range: 5.6-7.2
Issue Date: 2022-08-09
Updated On: 2022-08-09 (Initial Advisory)
CVE(s): CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675
Synopsis: VMware vRealize Operations contains multiple vulnerabilities
Share this page on social media
Sign up for Security Advisories
****1. Impacted Products****
- VMware vRealize Operations
****2. Introduction****
Multiple vulnerabilities in vRealize Operations were privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.
****3a. Privilege Escalation Vulnerability (CVE-2022-31672)****
VMware vRealize Operations contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
A malicious actor with administrative network access can escalate privileges to root.
To remediate CVE-2022-31672, apply the patches listed in the ‘Fixed Version’ column of the ‘Resolution Matrix’ found below.
VMware would like to thank Steven Seeley (mr_me) of Qihoo 360 Vulnerability Research Institute for reporting this issue to us.
****3b. Information Disclosure Vulnerability (CVE-2022-31673)****
VMware vRealize Operations contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.
A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
To remediate CVE-2022-31673, apply the patches listed in the ‘Fixed Version’ column of the ‘Resolution Matrix’ found below.
VMware would like to thank Steven Seeley (mr_me) of Qihoo 360 Vulnerability Research Institute for reporting this issue to us.
****3c. Information Disclosure Vulnerability (CVE-2022-31674)****
VMware vRealize Operations contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.
A low-privileged malicious actor with network access can access log files that lead to information disclosure.
To remediate CVE-2022-31674, apply the patches listed in the ‘Fixed Version’ column of the ‘Resolution Matrix’ found below.
VMware would like to thank Steven Seeley (mr_me) of Qihoo 360 Vulnerability Research Institute for reporting this issue to us.
****3d. Authentication Bypass Vulnerability (CVE-2022-31675)****
VMware vRealize Operations contains an authentication bypass vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.6.
An unauthenticated malicious actor with network access may be able to create a user with administrative privileges.
To remediate CVE-2022-31675, apply the patches listed in the ‘Fixed Version’ column of the ‘Resolution Matrix’ found below.
VMware would like to thank Steven Seeley (mr_me) of Qihoo 360 Vulnerability Research Institute for reporting this issue to us.
Product
Version
Running On
CVE Identifier
CVSSv3
Severity
Fixed Version
Workarounds
Additional Documentation
VMware vRealize Operations
8.x
Any
CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675
7.2, 6.5, 5.6
important
8.6.4
None
None
****4. References****
****5. Change Log****
**2022-08-09: VMSA-2022-0022
**Initial security advisory.
****6. Contact****