Vmware released security updates and workarounds to address critical security vulnerabilities (CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711) in VMware vRealize Log Insight product. A malicious actor could exploit some these vulnerabilities to trigger denial of service, remote code execution and sensitive information disclosure on the targeted system. The company patched them with the release of VMware vRealize Log Insight 8.10.2.

More information on vulnerabilities and updates can be found in Vmware security advisory – VMSA-2023-0001.