CVE-2022-31698 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
vmware	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Vendor	Product	Version
vmware	cloud_foundation	3.0
vmware	cloud_foundation	3.0.1
vmware	cloud_foundation	3.0.1.1
vmware	cloud_foundation	3.5
vmware	cloud_foundation	3.5.1
vmware	cloud_foundation	3.7
vmware	cloud_foundation	3.7.1
vmware	cloud_foundation	3.7.2
vmware	cloud_foundation	3.8
vmware	cloud_foundation	3.8.1
vmware	cloud_foundation	3.9
vmware	cloud_foundation	3.9.1
vmware	cloud_foundation	3.10
vmware	cloud_foundation	3.10.1
vmware	cloud_foundation	3.10.1.1
vmware	cloud_foundation	3.10.1.2
vmware	cloud_foundation	3.10.2.1
vmware	cloud_foundation	3.10.2.2
vmware	cloud_foundation	3.11
vmware	cloud_foundation	4.0
vmware	cloud_foundation	4.0.1
vmware	cloud_foundation	4.1
vmware	cloud_foundation	4.1.0.1
vmware	cloud_foundation	4.2
vmware	cloud_foundation	4.2.1
vmware	cloud_foundation	4.3
vmware	cloud_foundation	4.3.1
vmware	cloud_foundation	4.4
vmware	cloud_foundation	4.4.1
vmware	cloud_foundation	4.4.1.1
vmware	vcenter_server	6.5
vmware	vcenter_server	6.5:a
vmware	vcenter_server	6.5:b
vmware	vcenter_server	6.5:c
vmware	vcenter_server	6.5:d
vmware	vcenter_server	6.5:e
vmware	vcenter_server	6.5:f
vmware	vcenter_server	6.5:update1
vmware	vcenter_server	6.5:update1b
vmware	vcenter_server	6.5:update1c
vmware	vcenter_server	6.5:update1d
vmware	vcenter_server	6.5:update1e
vmware	vcenter_server	6.5:update1g
vmware	vcenter_server	6.5:update2
vmware	vcenter_server	6.5:update2b
vmware	vcenter_server	6.5:update2c
vmware	vcenter_server	6.5:update2d
vmware	vcenter_server	6.5:update2g
vmware	vcenter_server	6.5:update3
vmware	vcenter_server	6.5:update3d
vmware	vcenter_server	6.5:update3f
vmware	vcenter_server	6.5:update3k
vmware	vcenter_server	6.5:update3n
vmware	vcenter_server	6.5:update3p
vmware	vcenter_server	6.5:update3q
vmware	vcenter_server	6.5:update3r
vmware	vcenter_server	6.5:update3s
vmware	vcenter_server	6.5:update3t
vmware	vcenter_server	6.7
vmware	vcenter_server	6.7:a
vmware	vcenter_server	6.7:b
vmware	vcenter_server	6.7:d
vmware	vcenter_server	6.7:update_3o
vmware	vcenter_server	6.7:update1
vmware	vcenter_server	6.7:update1b
vmware	vcenter_server	6.7:update2
vmware	vcenter_server	6.7:update2a
vmware	vcenter_server	6.7:update2c
vmware	vcenter_server	6.7:update3
vmware	vcenter_server	6.7:update3a
vmware	vcenter_server	6.7:update3b
vmware	vcenter_server	6.7:update3f
vmware	vcenter_server	6.7:update3g
vmware	vcenter_server	6.7:update3j
vmware	vcenter_server	6.7:update3l
vmware	vcenter_server	6.7:update3m
vmware	vcenter_server	6.7:update3n
vmware	vcenter_server	6.7:update3o
vmware	vcenter_server	6.7:update3p
vmware	vcenter_server	6.7:update3q
vmware	vcenter_server	6.7:update3r
vmware	vcenter_server	7.0
vmware	vcenter_server	7.0:a
vmware	vcenter_server	7.0:b
vmware	vcenter_server	7.0:c
vmware	vcenter_server	7.0:d
vmware	vcenter_server	7.0:update1
vmware	vcenter_server	7.0:update1a
vmware	vcenter_server	7.0:update1c
vmware	vcenter_server	7.0:update1d
vmware	vcenter_server	7.0:update2
vmware	vcenter_server	7.0:update2a
vmware	vcenter_server	7.0:update2b
vmware	vcenter_server	7.0:update2c
vmware	vcenter_server	7.0:update2d
vmware	vcenter_server	7.0:update3
vmware	vcenter_server	7.0:update3a
vmware	vcenter_server	7.0:update3c
vmware	vcenter_server	7.0:update3d
vmware	vcenter_server	7.0:update3e
vmware	vcenter_server	7.0:update3f
vmware	vcenter_server	7.0:update3g
vmware	vcenter_server	7.0:update3h
vmware	cloud_foundation	3.10.2
vmware	cloud_foundation	4.1.0.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References

https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588

https://www.vmware.com/security/advisories/VMSA-2022-0030.html

https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588

https://www.vmware.com/security/advisories/VMSA-2022-0030.html