Source |
CSO |
Identifiant |
8306691 |
Date de publication |
2023-02-02 13:21:00 (vue: 2023-02-02 22:07:34) |
Titre |
Remote code execution exploit chain available for VMware vRealize Log Insight |
Texte |
VMware published patches last week for four vulnerabilities in its vRealize Log Insight product that, if combined, could allow attackers to take over the log collection and analytics platform. This week, a proof-of-concept exploit chain has been released by security researchers, along with detailed explanations for each vulnerability, meaning in-the-wild attacks could soon follow.“Gaining access to the Log Insight host provides some interesting possibilities to an attacker, depending on the type of applications that are integrated with it,” researchers with penetration testing firm Horizon3.ai said in their analysis of the flaws. “Often logs ingested may contain sensitive data from other services and may allow an attack to gather session tokens, API keys, and PII. Those keys and sessions may allow the attacker to pivot to other systems and further compromise the environment.”To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
access allow along analysis analytics api applications are article attack attacker attackers attacks available been chain click code collection combined compromise concept contain could data depending detailed each environment execution explanations exploit firm flaws follow four from full further gather has here horizon3 host ingested insight integrated interesting its keys last log logs may meaning other over patches penetration pii pivot platform please possibilities product proof provides published read released remote researchers said security sensitive services session sessions some soon systems take testing those tokens type vmware vrealize vulnerabilities vulnerability week wild “gaining “often ”to |
Tags |
|
Stories |
|
Notes |
★★★
|
Move |
|