Rewterz Threat Advisory – Multiple VMware vRealize Operations Vulnerabilities

August 10, 2022

Severity

Medium

Analysis Summary

CVE-2022-31672 CVSS:7.2
VMware vRealize Operations could allow a remote authenticated attacker to gain elevated privileges on the system. An attacker could exploit this vulnerability to gain root privileges on the system.

CVE-2022-31673 CVSS:6.5
VMware vRealize Operations could allow a remote authenticated attacker to obtain sensitive information. An attacker could exploit this vulnerability to create and leak hex dumps and use this information to launch further attacks against the affected system.

CVE-2022-31674 CVSS:6.5
VMware vRealize Operations could allow a remote authenticated attacker to obtain sensitive information. An attacker could exploit this vulnerability to obtain log files and use this information to launch further attacks against the affected system.

CVE-2022-31675 CVSS:5.6
VMware vRealize Operations could allow a remote authenticated attacker to obtain sensitive information. An attacker could exploit this vulnerability to obtain log files and use this information to launch further attacks against the affected system.

Impact

Privilege Escalation
Information Disclosure
Security Bypass

Indicators Of Compromise

CVE

CVE-2022-31672
CVE-2022-31673
CVE-2022-31674
CVE-2022-31675

Affected Vendors

VMware

Affected Products

VMware vRealize Operations 8.0
VMware vRealize Operations 8.1

Remediation

Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.
VMware Security Advisory

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

DarkCrystal RAT aka DCRat – Active IOCs

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us