VMware published patches last week for four vulnerabilities in its vRealize Log Insight product that, if combined, could allow attackers to take over the log collection and analytics platform. This week, a proof-of-concept exploit chain has been released by security researchers, along with detailed explanations for each vulnerability, meaning in-the-wild attacks could soon follow.
“Gaining access to the Log Insight host provides some interesting possibilities to an attacker, depending on the type of applications that are integrated with it,” researchers with penetration testing firm Horizon3.ai said in their analysis of the flaws. “Often logs ingested may contain sensitive data from other services and may allow an attack to gather session tokens, API keys, and PII. Those keys and sessions may allow the attacker to pivot to other systems and further compromise the environment.”
More Stories
Researchers warn of two new variants of potent IcedID malware loader
Monopolist Service Model Enrages Tesla Owners : $29K Bill for Minor Damage and No Delivery Date
7 Reasons Why You Should Get CMMC Certified Ahead of the May 2023 Rulemaking