{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-31681", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "dateUpdated": "2024-08-03T07:26:01.077Z", "dateReserved": "2022-05-25T00:00:00", "datePublished": "2022-10-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host."}], "affected": [{"vendor": "n/a", "product": "VMware ESXi", "versions": [{"version": "VMware ESXi (7.0 prior to ESXi70U3sf-20036586, 6.7 prior to ESXi670-202210101-SG & 6.5 prior to ESXi650-202210101-SG)", "status": "affected"}]}], "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Null-pointer dereference vulnerability"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:26:01.077Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "288143A7-D64D-465F-8F81-9434C57189CB", "versionEndExcluding": "4.3.1.1", "versionStartIncluding": "4.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7B0AA0D-0BE2-40C5-A432-F607EF66829C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6C767B9C-CDAC-4651-B696-589726CDD5C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E216CBB-8C99-46AA-B195-E16393354D14", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*", "matchCriteriaId": "D223DD19-0441-4EBD-9F51-5E9012434517", "versionEndExcluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*", "matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*", "matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*", "matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*", "matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*", "matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*", "matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*", "matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*", "matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*", "matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*", "matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*", "matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*", "matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*", "matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*", "matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*", "matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host."}, {"lang": "es", "value": "VMware ESXi contiene una vulnerabilidad de deferencia de puntero null. Un actor malicioso con privilegios dentro del proceso VMX solamente, puede crear una condici\u00f3n de negaci\u00f3n de servicio en el host"}], "id": "CVE-2022-31681", "lastModified": "2024-11-21T07:05:07.027", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-07T21:15:11.337", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}