← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-22948 — Actively Exploited: vCenter Server (VMware)

VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.

CVE IDCVE-2022-22948
VendorVMware
ProductvCenter Server
Vulnerability nameVMware vCenter Server Incorrect Default File Permissions Vulnerability
Date added2024-07-17
Remediation due2024-08-07
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionVMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →