According to its self-reported version, the instance of VMware vRealize Network Insight running on the remote web server is affected by multiple vulnerabilities: vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.. (CVE-2022-31702) The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. (CVE-2022-31703) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More