CVE-2022-22948 - VMware vCenter Server Incorrect Default File Permissions Vulnerability

CVE-2022-22948: VMware | vCenter Server

Date Added:
2024-07-17

Due Date:
2024-08-07

Vulnerability Name: VMware vCenter Server Incorrect Default File Permissions Vulnerability

Description: VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://www.vmware.com/security/advisories/VMSA-2022-0009.html; https://nvd.nist.gov/vuln/detail/CVE-2022-22948

Related News Articles

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term SpyingJune 19, 2024

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software ManagerJuly 18, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard