CVE-2021-22035

CVE-2021-22035

VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user’s environment.

Source: CVE-2021-22035

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다