VMware fixes four serious vRealize vulnerabilities

>

Virtualization giant VMware has released patches for four vulnerabilities in its vRealize Log Insight product, two of which have a “critical” severity rating.

The critical pair is CVE-2022-31703 and CVE-2022-31704. The former is a directory search vulnerability, while the latter is an access control vulnerability. Both received a severity score of 9.8 and both allow threat actors to access resources that should otherwise be inaccessible.