CVE-2022-22948

VMware vCenter Server Incorrect Default File Permissions Vulnerability

VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information. Vendor/Product: VMware vCenter Server. Added to CISA KEV 2024-07-17; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2022-22948