VMware has released security updates to address vulnerabilities in VMware vRealize Network.  A malicious actor with network access to the vRNI REST API can execute commands without authentication.

For a complete description of the vulnerabilities and affected systems go to VMware vRealize Network Insight (vRNI) updates address command injection and directory traversal security vulnerabilities (CVE-2022-31702, CVE-2022-31703).

IT Security

Read more about IT Security service offerings.