November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Gootloader – Active IOCs
November 18, 2022Rewterz Threat Advisory – Multiple Google Android Vulnerabilities
November 18, 2022Rewterz Threat Alert – Gootloader – Active IOCs
November 18, 2022Rewterz Threat Advisory – Multiple Google Android Vulnerabilities
November 18, 2022
Severity
High
Analysis Summary
CVE-2022-31690
VMware Tanzu Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-31690
Affected Vendors
VMware
Affected Products
- VMware Tanzu Spring Security 5.6.1
- VMware Tanzu Spring Security 5.6.2
- VMware Tanzu Spring Security 5.6.3
- VMware Tanzu Spring Security 5.6.4
- VMware Tanzu Spring Security 5.6.5
- VMware Tanzu Spring Security 5.6.6
- VMware Tanzu Spring Security 5.6.7
- VMware Tanzu Spring Security 5.6.8
Remediation
Refer to VMware Tanzu Website for patch, upgrade or suggested workaround information.