{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-31707", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "dateUpdated": "2022-12-16T00:00:00", "dateReserved": "2022-05-25T00:00:00", "datePublished": "2022-12-16T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2022-12-16T00:00:00"}, "descriptions": [{"lang": "en", "value": "vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2."}], "affected": [{"vendor": "n/a", "product": "VMware vRealize Operations (vROps)", "versions": [{"version": "VMware vRealize Operations (vROps) (Multiple Versions)", "status": "affected"}]}], "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2022-0034.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "VMware vRealize Operations (vROps) privilege escalation vulnerability"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vrealize_operations:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E116568-EC36-4507-AF87-F8AA85B602AF", "versionEndExcluding": "8.6.4.20823815", "versionStartIncluding": "8.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA3A3F6E-D752-470C-9869-043343A792A0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2."}, {"lang": "es", "value": "vRealize Operations (vROps) contiene una vulnerabilidad de escalada de privilegios. VMware ha evaluado la gravedad de este problema en el rango de gravedad Importante con una puntuaci\u00f3n base CVSSv3 m\u00e1xima de 7.2."}], "id": "CVE-2022-31707", "lastModified": "2022-12-21T17:15:19.953", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-16T16:15:21.863", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2022-0034.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}