Vulnerability Watch

Anonymous
3 years ago

VMware vRealize Network Insight Advisory (CVE-2022-31702)

Post published on behalf of Ciarán Walsh

VMware has patched two vulnerabilities found in vRealize Network Insight (vRNI), one of which was given a rating of "Critical". 

The more severe of these vulnerabilities, CVE-2022-31702, is a command injection vulnerability in the vRNI REST API. The vulnerability has been given a CVSSv3 score of 9.8. When exploited, the vulnerability could allow an unauthenticated, remote attacker to execute arbitrary commands on vulnerable devices. According to VMware, exploitation of this vulnerability has not been detected and there is no publicly available proof-of-concept code as of yet. However, due to the critical rating of the vulnerability and low attack complexity, organizations should prioritize patching this flaw.

CVE-2022-31703 is a directory traversal vulnerability, also in the vRNI REST API, that received a CVSSv3 score of 7.5. Threat actors with network access can leverage this vulnerability to read files from the server.

VMware has issued patches for both vulnerabilities, and has provided guidance on which versions need remediation.
