.png)
As of today, VMware’s vRealize Log Insight platform is vulnerable to three security vulnerabilities, that have been exposed by publicly available exploit code. This has enabled cybercriminals to weaponize these vulnerabilities in a variety of ways. Several critical unauthenticated remote code execution (RCE) bugs have been found.
In the vRealize Log Insight platform, VMware claims that the platform is moving forward under the name Aria Operations, which provides intelligent log management for infrastructures and applications “in any environment,” VMware states. In addition to offering IT departments visibility across physical, virtual, and cloud environments, dashboards and analytics are also able to be extended by third parties. This is done through the use of third-party extensions.
This platform is typically incorporated into an appliance and can gain access to sensitive areas of an organization’s IT infrastructure across a wide range of devices.
Once an attacker has gained access to the Log Insight host, he could exploit some interesting features depending on the type of application he integrates with. This is according to Horizon.ai researcher James Horseman, who examined the publicly available exploit code. Often, the ingested logs may include sensitive information from other services. This includes session token
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: