{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-31708", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "dateUpdated": "2022-12-16T00:00:00", "dateReserved": "2022-05-25T00:00:00", "datePublished": "2022-12-16T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2022-12-16T00:00:00"}, "descriptions": [{"lang": "en", "value": "vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4."}], "affected": [{"vendor": "n/a", "product": "VMware vRealize Operations (vROps)", "versions": [{"version": "VMware vRealize Operations (vROps) (Multiple Versions)", "status": "affected"}]}], "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2022-0034.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "VMware vRealize Operations (vROps) contains an access control vulnerability"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vrealize_operations:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E116568-EC36-4507-AF87-F8AA85B602AF", "versionEndExcluding": "8.6.4.20823815", "versionStartIncluding": "8.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA3A3F6E-D752-470C-9869-043343A792A0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4."}, {"lang": "es", "value": "vRealize Operations (vROps) contiene una vulnerabilidad de control de acceso roto. VMware ha evaluado la gravedad de este problema en el rango de gravedad moderada con una puntuaci\u00f3n base CVSSv3 m\u00e1xima de 4,4."}], "id": "CVE-2022-31708", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-16T16:15:21.910", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2022-0034.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}