{"vulnerability": "CVE-2022-3170", "sightings": [{"uuid": "f57822e0-5a04-4832-bd8d-13f184211385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "3f5b0596-e4ae-42c5-bc16-cecd30686cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "42accc7b-14b8-424b-b14e-f05b4e1b64d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/f5bea0e7ad800547c3e9b5e241e2d65c", "content": "", "creation_timestamp": "2025-10-20T04:01:23.000000Z"}, {"uuid": "86dcd3f6-9562-467b-a404-c57a4c18ad9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/f5bea0e7ad800547c3e9b5e241e2d65c", "content": "", "creation_timestamp": "2025-10-20T04:01:23.000000Z"}, {"uuid": "147c7b1f-ee11-4cae-97b2-59e42ff9e36f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/937b4359948bbce2e6e7cefbf97e8766", "content": "", "creation_timestamp": "2025-10-20T05:01:51.000000Z"}, {"uuid": "1004064c-de9e-402d-93d9-6c445b5d0a1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://gist.github.com/nguyentin1136-ops/937b4359948bbce2e6e7cefbf97e8766", "content": "", "creation_timestamp": "2025-10-20T05:01:51.000000Z"}, {"uuid": "b00a0ff8-cdac-48f7-8934-072a93424c63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3dnrkxkvs2g", "content": "", "creation_timestamp": "2025-10-16T21:02:34.262124Z"}, {"uuid": "a687bf02-9b22-4bc3-906b-3e3172ecf04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3dnrl22ko2a", "content": "", "creation_timestamp": "2025-10-16T21:02:34.840616Z"}, {"uuid": "9e1c68b3-4d26-407e-b854-429004e1d0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-31706.yaml", "content": "", "creation_timestamp": "2025-10-15T13:15:45.000000Z"}, {"uuid": "8a43f8b1-b4d5-487e-b9a5-228e458911f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-31704.yaml", "content": "", "creation_timestamp": "2025-10-15T13:14:20.000000Z"}, {"uuid": "3f8a6453-dad3-4771-a87f-c3ac9a6da0b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vrli_rce.rb", "content": "", "creation_timestamp": "2023-09-08T21:32:40.000000Z"}, {"uuid": "74eb1f09-08c6-493f-9de1-055dbc4a55d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3827", "content": "\u0413\u0438\u0433\u0430\u043d\u0442 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 VMware \u0432\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0435\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b, \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 GeekPwn 2022, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043c\u043e\u043c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 Tencent Keen Security Lab.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VM escape, \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2022-31705, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Ant Security \u042e\u0445\u0430\u043e \u0426\u0437\u044f\u043d\u043e\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b VMware Fusion, ESXi \u0438 Workstation.\n\nVMware \u043e\u043f\u0438\u0441\u0430\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043a\u0443\u0447\u0438 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 USB 2.0 (EHCI). \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u00a0\u0433\u043b\u0430\u0432\u043d\u044b\u0439 \u043f\u0440\u0438\u0437 \u043d\u0430 Geekpwn.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e, VMWare \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u0435\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS 9,3 \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u041d\u0430 ESXi \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u0432 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0435 VMX, \u0442\u043e\u0433\u0434\u0430 \u043a\u0430\u043a \u043d\u0430 Workstation \u0438 Fusion \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0435, \u0433\u0434\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 Workstation \u0438\u043b\u0438 Fusion.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0443 \u043e\u0448\u0438\u0431\u043e\u043a \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 VMware vRealize Network Insight (vRNI).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 vRNI REST API \u0442\u0430\u043a\u0436\u0435 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442\u0441\u044f VMware \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSSv3 9,8, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a vRNI REST API, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.", "creation_timestamp": "2022-12-14T17:30:06.000000Z"}, {"uuid": "891f56b5-c2f4-45bf-ae79-a59bd8f619c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2209", "content": "#exploit\n1. CVE-2022-31705:\nGeekpwn 2022 Vmware EHCI OOB\nhttps://github.com/s0duku/cve-2022-31705\n\n2. Linux &gt;=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2391\n\n3. Lexmark Printers/Copiers haxx 0-day Exploit\nhttps://github.com/blasty/lexmark", "creation_timestamp": "2023-01-11T16:20:13.000000Z"}, {"uuid": "80dfa8c7-ab32-46a3-9065-7d7e67b7f2c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31700", "type": "seen", "source": "https://t.me/cibsecurity/54549", "content": "\u203c CVE-2022-31700 \u203c\n\nVMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T22:22:51.000000Z"}, {"uuid": "369e3d71-95db-4f04-b9eb-b449aa66db8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31702", "type": "seen", "source": "https://t.me/cibsecurity/54554", "content": "\u203c CVE-2022-31702 \u203c\n\nvRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T22:22:56.000000Z"}, {"uuid": "28f34591-2372-4e49-a000-4da5f57af867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "seen", "source": "https://t.me/cibsecurity/54552", "content": "\u203c CVE-2022-31705 \u203c\n\nVMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T22:22:54.000000Z"}, {"uuid": "a348276d-7f6a-41ab-97c2-39d3622615e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31701", "type": "seen", "source": "https://t.me/cibsecurity/54551", "content": "\u203c CVE-2022-31701 \u203c\n\nVMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T22:22:53.000000Z"}, {"uuid": "d6017220-a1b6-4f87-87b8-627d5b676155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31703", "type": "seen", "source": "https://t.me/cibsecurity/54550", "content": "\u203c CVE-2022-31703 \u203c\n\nvRealize Network Insight (vRNI) directory traversal vulnerability in vRNI REST API. A malicious actor with network access to the vRNI REST API can read arbitrary files from the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T22:22:52.000000Z"}, {"uuid": "c06a7004-7214-4c99-aef5-002b623ef060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://t.me/thehackernews/2984", "content": "VMware releases patch for 4 vulnerabilities in vRealize Log Insight, including 2 critical flaws (CVE-2022-31706 and CVE-2022-31704) that could lead to remote code execution attacks.\n\nRead details: https://thehackernews.com/2023/01/vmware-releases-patches-for-critical.html", "creation_timestamp": "2023-01-25T08:13:57.000000Z"}, {"uuid": "4aa666fb-ae4f-439d-ae7f-984d8ca39f87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://t.me/thehackernews/2984", "content": "VMware releases patch for 4 vulnerabilities in vRealize Log Insight, including 2 critical flaws (CVE-2022-31706 and CVE-2022-31704) that could lead to remote code execution attacks.\n\nRead details: https://thehackernews.com/2023/01/vmware-releases-patches-for-critical.html", "creation_timestamp": "2023-01-25T08:13:57.000000Z"}, {"uuid": "a711fcb0-8662-48ff-9d84-4494140a026d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1449", "content": "CVE-2023-34051 : VMware Aria Operations for Logs\u00a0 - Authentication Bypass\n\nPOC : https://github.com/horizon3ai/CVE-2023-34051\n\nTechnical Analysis : https://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive\n\nIndicators of Compromise : https://www.horizon3.ai/vmware-vrealize-cve-2022-31706-iocs/", "creation_timestamp": "2024-08-16T08:37:52.000000Z"}, {"uuid": "069b3e8e-4bde-4924-9df0-625e0b35e5a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10068", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31704\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.\n\ud83d\udccf Published: 2023-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-02T13:26:58.952Z\n\ud83d\udd17 References:\n1. https://www.vmware.com/security/advisories/VMSA-2023-0001.html\n2. http://packetstormsecurity.com/files/174606/VMware-vRealize-Log-Insight-Unauthenticated-Remote-Code-Execution.html", "creation_timestamp": "2025-04-02T13:33:38.000000Z"}, {"uuid": "68cae88c-5cdc-42c0-a552-f774c33dd182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10071", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31706\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.\n\ud83d\udccf Published: 2023-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-02T13:25:27.733Z\n\ud83d\udd17 References:\n1. https://www.vmware.com/security/advisories/VMSA-2023-0001.html\n2. http://packetstormsecurity.com/files/174606/VMware-vRealize-Log-Insight-Unauthenticated-Remote-Code-Execution.html", "creation_timestamp": "2025-04-02T13:33:43.000000Z"}, {"uuid": "a4dd4fae-e438-408e-8f6c-92936af8c1f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31707", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31707\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T13:29:00.580Z\n\ud83d\udd17 References:\n1. https://www.vmware.com/security/advisories/VMSA-2022-0034.html", "creation_timestamp": "2025-04-18T13:58:47.000000Z"}, {"uuid": "e353a68e-0c8e-4e23-a99c-6589792f4e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31708", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12443", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31708\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T13:27:34.388Z\n\ud83d\udd17 References:\n1. https://www.vmware.com/security/advisories/VMSA-2022-0034.html", "creation_timestamp": "2025-04-18T13:58:48.000000Z"}, {"uuid": "715b958d-4aad-4f21-abea-25fed09f5494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://t.me/ctinow/90429", "content": "Experts released VMware vRealize Log RCE exploit for CVE-2022-31706\n\nhttps://ift.tt/2awPqiv", "creation_timestamp": "2023-01-31T20:47:42.000000Z"}, {"uuid": "46c2750b-bb40-4501-a09a-a284a9f9c929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://t.me/ctinow/89091", "content": "Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)\n\nhttps://ift.tt/bpfEuMw", "creation_timestamp": "2023-01-25T13:14:27.000000Z"}, {"uuid": "d7c39b1c-bc54-48fb-989c-8f228e14107c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://t.me/ctinow/89091", "content": "Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)\n\nhttps://ift.tt/bpfEuMw", "creation_timestamp": "2023-01-25T13:14:27.000000Z"}, {"uuid": "b66d8f4a-67b5-4032-89ec-c18b6f70a625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "Telegram/QpDoeMqjQ0IRwU8T8UciqFswfkPSo5yZHjAKqpZ99MeemPQ", "content": "", "creation_timestamp": "2023-03-05T08:39:29.000000Z"}, {"uuid": "295f07dc-c8ab-4633-9e12-975b24dd3a03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1274", "content": "CVE-2022-31705\nPOC\nGeekpwn 2022 Vmware EHCI OOB\ndownload", "creation_timestamp": "2023-01-10T05:41:14.000000Z"}, {"uuid": "c50dbac6-3ede-4732-a4ee-392c56c91235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "published-proof-of-concept", "source": "Telegram/m-_AM4FJpiRJEcm3jCUXxS5qshgB4HVu9omgguHSr0D_t0s", "content": "", "creation_timestamp": "2023-02-02T02:28:05.000000Z"}, {"uuid": "a0a27caa-7703-4105-872f-846835beaf51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3170", "type": "seen", "source": "https://t.me/cibsecurity/49664", "content": "\u203c CVE-2022-3170 \u203c\n\nAn out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id-&gt;name' provided by the user did not end with '\\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T20:25:29.000000Z"}, {"uuid": "f2a2e137-b2c6-447c-a2cc-3aad07bdcc83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7865", "content": "#exploit\n1. NetBSD Overflow\nhttps://seclists.org/fulldisclosure/2023/Mar/0\n]-&gt; https://github.com/fuzzingrf/netbsd_hfs\n\n2. Exploring Web3 Security: A Step-by-Step Guide to Creating PoCs for Previous Findings\nhttps://infosecwriteups.com/exploring-web3-security-a-step-by-step-guide-to-creating-proof-of-concepts-for-previous-findings-22db1135566\n\n3. CVE-2022-31700:\nVMWare Workspace ONE Access Claim TransformationHelper validateClaimRuleCondition RCE\nhttps://srcincite.io/advisories/src-2022-0023\n]-&gt; https://trenchant.io/vmware-workspace-one-access", "creation_timestamp": "2023-03-04T20:59:02.000000Z"}, {"uuid": "31ccaf7c-f001-4197-94be-02bf14d07072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/683", "content": "CVE-2022-31706 &amp; CVE-2022-31704 &amp; CVE-2022-31710 &amp; CVE-2022-31711 : VMware vRealize Log Insight VMSA-2023-0001\u00a0\nPOC : https://github.com/horizon3ai/vRealizeLogInsightRCE", "creation_timestamp": "2023-02-05T18:30:23.000000Z"}, {"uuid": "be994195-fe12-4dcf-9e3d-d68d6cac6045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/683", "content": "CVE-2022-31706 &amp; CVE-2022-31704 &amp; CVE-2022-31710 &amp; CVE-2022-31711 : VMware vRealize Log Insight VMSA-2023-0001\u00a0\nPOC : https://github.com/horizon3ai/vRealizeLogInsightRCE", "creation_timestamp": "2023-02-05T18:30:23.000000Z"}, {"uuid": "057bd4d4-a766-4e0e-a2cb-c96ca7e1fc75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "published-proof-of-concept", "source": "Telegram/E_yspdvD2OkGzVpTzZE5pT7_xF8O16klvXLRVGJdEx8V", "content": "", "creation_timestamp": "2023-10-22T23:08:41.000000Z"}, {"uuid": "80d6cd1e-bc4e-4ab8-8e3a-834d428c22b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "published-proof-of-concept", "source": "Telegram/E_yspdvD2OkGzVpTzZE5pT7_xF8O16klvXLRVGJdEx8V", "content": "", "creation_timestamp": "2023-10-22T23:08:41.000000Z"}, {"uuid": "dcbe3d97-a7c3-4c36-b479-b8e17d43110c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2486", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive\nThis vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like to provide the technical details about how this vulnerability works. \n\n\ud83d\udca5PoC for VMSA-2023-0001 affecting VMware vRealize Log Insight which includes the following CVEs:\n\ud83d\udcbe VMware vRealize Log Insight Directory Traversal Vulnerability\n(CVE-2022-31706)\n\ud83d\udcbe VMware vRealize Log Insight broken access control Vulnerability\n(CVE-2022-31704)\n\ud83d\udcbe VMware vRealize Log Insight contains an Information Disclosure Vulnerability\n(CVE-2022-31711)\n\nDownload:https://system32.ink/news-feed/p/205/", "creation_timestamp": "2023-02-02T01:33:27.000000Z"}, {"uuid": "3f74b699-fe10-4574-bbdc-154f7f7203d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2486", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive\nThis vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like to provide the technical details about how this vulnerability works. \n\n\ud83d\udca5PoC for VMSA-2023-0001 affecting VMware vRealize Log Insight which includes the following CVEs:\n\ud83d\udcbe VMware vRealize Log Insight Directory Traversal Vulnerability\n(CVE-2022-31706)\n\ud83d\udcbe VMware vRealize Log Insight broken access control Vulnerability\n(CVE-2022-31704)\n\ud83d\udcbe VMware vRealize Log Insight contains an Information Disclosure Vulnerability\n(CVE-2022-31711)\n\nDownload:https://system32.ink/news-feed/p/205/", "creation_timestamp": "2023-02-02T01:33:27.000000Z"}, {"uuid": "795fa4a8-9d91-441e-bf75-eb1414e5126c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "exploited", "source": "https://t.me/true_secator/5005", "content": "VMware \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 vRealize Log Insight (VMware Aria Operations for Logs), \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2023-34051, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043f\u0440\u0438 \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u0439.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Horizon3, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0445 \u043e\u0448\u0438\u0431\u043a\u0443, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043d\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430.\n\nHorizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u0438\u0447\u0438\u043d\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2023-34051 \u0434\u043b\u044f RCE \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 VMware.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438\u00a0PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u00a0\u0438 \u0441\u043f\u0438\u0441\u043e\u043a IOC \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0410\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438  \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 Thrift RPC \u0434\u043b\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 cron \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441\u043e \u0441\u0440\u0435\u0434\u043e\u0439.\n\n\u0427\u0442\u043e\u0431\u044b \u044d\u0442\u0430 \u0430\u0442\u0430\u043a\u0430 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u0442\u043e\u0442 \u0436\u0435 IP-\u0430\u0434\u0440\u0435\u0441, \u0447\u0442\u043e \u0438 \u0433\u043b\u0430\u0432\u043d\u044b\u0439/\u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0443\u0437\u0435\u043b.\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e \u0441\u0443\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c\u00a0\u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a,\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 VMware \u0432 \u044f\u043d\u0432\u0430\u0440\u0435, \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f (CVE-2022-31706) - \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430, \u0432\u0442\u043e\u0440\u0430\u044f (CVE-2022-31704) - \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0430 \u0442\u0440\u0435\u0442\u044c\u044f \u2014 \u043e\u0448\u0438\u0431\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2022-31711).\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (\u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 VMware \u043a\u0430\u043a\u00a0VMSA-2023-0001) \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0435 \u041f\u041e Aria Operations for Logs.\n\n\u0422\u043e\u0433\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f VMSA-2023-0001 Horizon3 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0449\u0438\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 Thrift RPC \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u042d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043d\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0434\u043b\u044f \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 \u0432\u0440\u044f\u0434 \u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u0443\u0434\u0435\u0442 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u0442\u044c\u0441\u044f \u0433\u0434\u0435-\u0442\u043e \u0432 \u0441\u0435\u0442\u0438.\n\n\u041d\u043e \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043d\u0435\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0434\u043b\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 VMware \u0446\u0435\u043d\u043d\u044b\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438.", "creation_timestamp": "2023-10-25T13:20:05.000000Z"}, {"uuid": "b6e81636-a81b-4420-8a9f-664a3c32ab11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "exploited", "source": "https://t.me/true_secator/5005", "content": "VMware \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 vRealize Log Insight (VMware Aria Operations for Logs), \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2023-34051, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043f\u0440\u0438 \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u0439.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Horizon3, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0445 \u043e\u0448\u0438\u0431\u043a\u0443, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043d\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430.\n\nHorizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u0438\u0447\u0438\u043d\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2023-34051 \u0434\u043b\u044f RCE \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 VMware.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438\u00a0PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u00a0\u0438 \u0441\u043f\u0438\u0441\u043e\u043a IOC \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0410\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438  \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 Thrift RPC \u0434\u043b\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 cron \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441\u043e \u0441\u0440\u0435\u0434\u043e\u0439.\n\n\u0427\u0442\u043e\u0431\u044b \u044d\u0442\u0430 \u0430\u0442\u0430\u043a\u0430 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u0442\u043e\u0442 \u0436\u0435 IP-\u0430\u0434\u0440\u0435\u0441, \u0447\u0442\u043e \u0438 \u0433\u043b\u0430\u0432\u043d\u044b\u0439/\u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0443\u0437\u0435\u043b.\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e \u0441\u0443\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c\u00a0\u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a,\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 VMware \u0432 \u044f\u043d\u0432\u0430\u0440\u0435, \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f (CVE-2022-31706) - \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430, \u0432\u0442\u043e\u0440\u0430\u044f (CVE-2022-31704) - \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0430 \u0442\u0440\u0435\u0442\u044c\u044f \u2014 \u043e\u0448\u0438\u0431\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2022-31711).\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (\u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 VMware \u043a\u0430\u043a\u00a0VMSA-2023-0001) \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0435 \u041f\u041e Aria Operations for Logs.\n\n\u0422\u043e\u0433\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f VMSA-2023-0001 Horizon3 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0449\u0438\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 Thrift RPC \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u042d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043d\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0434\u043b\u044f \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 \u0432\u0440\u044f\u0434 \u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u0443\u0434\u0435\u0442 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u0442\u044c\u0441\u044f \u0433\u0434\u0435-\u0442\u043e \u0432 \u0441\u0435\u0442\u0438.\n\n\u041d\u043e \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043d\u0435\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0434\u043b\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 VMware \u0446\u0435\u043d\u043d\u044b\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438.", "creation_timestamp": "2023-10-25T13:20:05.000000Z"}, {"uuid": "7f25764f-3f1f-446c-a8c1-af5a17445ad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:46.000000Z"}, {"uuid": "ba6b5205-35db-4187-a7e7-9568d018adda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vrli_rce.rb", "content": "", "creation_timestamp": "2023-09-08T21:32:40.000000Z"}, {"uuid": "91c5eb55-ec99-437a-99cc-5fccb595bf9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=955", "content": "", "creation_timestamp": "2023-01-26T04:00:00.000000Z"}, {"uuid": "39ff77e4-c32e-4b2e-9f85-396941299d83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=955", "content": "", "creation_timestamp": "2023-01-26T04:00:00.000000Z"}, {"uuid": "da7981b5-2545-46f1-bf7f-081935193250", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-31703", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_27/2022", "content": "", "creation_timestamp": "2022-12-14T08:14:08.000000Z"}, {"uuid": "82f89d13-16ae-42a1-a130-81753c0666c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-31705", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_27/2022", "content": "", "creation_timestamp": "2022-12-14T08:14:08.000000Z"}, {"uuid": "58b9b7e9-51d2-4575-a81d-6eee2cce6752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-31702", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_27/2022", "content": "", "creation_timestamp": "2022-12-14T08:14:08.000000Z"}, {"uuid": "40ff4e34-970b-4bd2-9358-1dc46be457cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/161", "content": "VMWare Workspace ONE Access\n\n\ud83d\udc64 by Steven Seeley\n\nResearcher wrote a blog post regarding the technical details of CVE-2022-31700. It's an interesting case study of attacking custom Java Bean Validators (JSR 380) for RCE.\n\nIn 2022, Steven conducted research against VMWare Workspace ONE Access and was able to find a remote code execution vulnerability triggerable by an authenticated administrator. Although authentication is required, past authentication bypass vulnerabilities have been published.\n\n\ud83d\udcdd Contents:\n\u25cf Intro\n\u25cf Motivation\n\u25cf Vulnerability Analysis\n\u25cf Reaching validateClaimRuleCondition\n\u25cf Looking for validation\n\u25cf Exposure\n\u25cf Proof of Concept\n\u25cf Automation\n\u25cf Manual\n\u25cf Stack Trace\n\nhttps://trenchant.io/vmware-workspace-one-access/", "creation_timestamp": "2023-03-01T06:37:26.000000Z"}, {"uuid": "dca880d4-a8a4-4d8d-8a07-77aa18674175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2223", "content": "CVE-2022-31705\nPOC\nGeekpwn 2022 Vmware EHCI OOB\ndownload", "creation_timestamp": "2023-01-12T11:54:51.000000Z"}, {"uuid": "332cba2e-1341-4b1b-a68c-b33cd0a1a5d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "https://t.me/true_secator/3983", "content": "VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 vRealize Log Insight, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\nvRealize Log Insight (VMware Aria Operations for Logs) \u2014 \u044d\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 VMware.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2022-31703 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f RCE.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2022-31704 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0442\u044c \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442\u00a0\u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8/10\u00a0\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\nVMware\u00a0\u0442\u0430\u043a\u0436\u0435\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 (CVE-2022-31710), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u0437\u043e\u0432\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f DoS, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2022-31711), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u0435\u0430\u043d\u0441\u0435 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c VMware vRealize Log Insight 8.10.2.\u00a0\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0435 \u0431\u044b\u043b\u0430 \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u0430 \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, VMware \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 vRealize Log Insight\u00a0(\u0437\u0434\u0435\u0441\u044c) \u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0414\u043b\u044f \u0435\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0430 \u043a\u0430\u0436\u0434\u043e\u043c \u0443\u0437\u043b\u0435 vRealize Log Insight \u0432 \u0441\u0432\u043e\u0435\u043c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u0434 root \u0447\u0435\u0440\u0435\u0437 SSH \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 (\u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 VMware\u00a0\u0437\u0434\u0435\u0441\u044c), \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f \u0432 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u044f \u043a\u0430\u0436\u0434\u044b\u0439 \u0443\u0437\u0435\u043b \u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e \u0435\u0433\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0438.", "creation_timestamp": "2023-01-25T13:47:26.000000Z"}, {"uuid": "8d9a6c68-80a2-4751-8935-9482c04295c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31703", "type": "seen", "source": "https://t.me/true_secator/3983", "content": "VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 vRealize Log Insight, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\nvRealize Log Insight (VMware Aria Operations for Logs) \u2014 \u044d\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 VMware.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2022-31703 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f RCE.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2022-31704 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0442\u044c \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442\u00a0\u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8/10\u00a0\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\nVMware\u00a0\u0442\u0430\u043a\u0436\u0435\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 (CVE-2022-31710), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u0437\u043e\u0432\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f DoS, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2022-31711), \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u0435\u0430\u043d\u0441\u0435 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c VMware vRealize Log Insight 8.10.2.\u00a0\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0435 \u0431\u044b\u043b\u0430 \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u0430 \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, VMware \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 vRealize Log Insight\u00a0(\u0437\u0434\u0435\u0441\u044c) \u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0414\u043b\u044f \u0435\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0430 \u043a\u0430\u0436\u0434\u043e\u043c \u0443\u0437\u043b\u0435 vRealize Log Insight \u0432 \u0441\u0432\u043e\u0435\u043c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u0434 root \u0447\u0435\u0440\u0435\u0437 SSH \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 (\u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 VMware\u00a0\u0437\u0434\u0435\u0441\u044c), \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f \u0432 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u044f \u043a\u0430\u0436\u0434\u044b\u0439 \u0443\u0437\u0435\u043b \u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e \u0435\u0433\u043e \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0438.", "creation_timestamp": "2023-01-25T13:47:26.000000Z"}, {"uuid": "506a9cd9-b3cf-4729-a405-b4cb7e4ddb08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31705", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7527", "content": "#exploit\n1. CVE-2022-31705:\nGeekpwn 2022 Vmware EHCI OOB\nhttps://github.com/s0duku/cve-2022-31705\n\n2. Linux &gt;=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2391\n\n3. Lexmark Printers/Copiers haxx 0-day Exploit\nhttps://github.com/blasty/lexmark", "creation_timestamp": "2023-01-11T11:01:01.000000Z"}, {"uuid": "8e153306-ef88-4812-a219-6aa36ab2cf3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9032", "content": "#exploit\n1. CVE-2023-38146:\nArbitrary Code Execution via Windows Themes\nhttps://exploits.forsale/themebleed\n\n2. CVE-2022-31704, CVE-2022-31706, CVE-2022-31711:\nVMware vRealize Log Insight Unauthenticated RCE\nhttps://packetstormsecurity.com/files/174606", "creation_timestamp": "2023-09-16T12:27:01.000000Z"}, {"uuid": "360b8b8d-c021-4dba-8a9d-410efd10a618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9032", "content": "#exploit\n1. CVE-2023-38146:\nArbitrary Code Execution via Windows Themes\nhttps://exploits.forsale/themebleed\n\n2. CVE-2022-31704, CVE-2022-31706, CVE-2022-31711:\nVMware vRealize Log Insight Unauthenticated RCE\nhttps://packetstormsecurity.com/files/174606", "creation_timestamp": "2023-09-16T12:27:01.000000Z"}, {"uuid": "1689c817-da41-4e65-bedc-84cce67c3984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "c7464c2e-0a69-41e5-8602-617c6c14d5fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31704", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "4432904b-0d3f-49d2-b793-4ebcb3f06bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31706", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:46.000000Z"}]}