CVE-2022-22948

MEDIUM KEV

VMware Cloud Foundation 3.0-3.10 - Information Disclosure via Improper File Permissions

Title source: llm

Exploitation Summary

CVE-2022-22948 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 17, 2024. EIP tracks 1 public exploit from researchers including PenteraIO.

AI-analyzed exploit summary This repository contains a scanner for CVE-2022-22948, an information disclosure vulnerability in VMWare vCenter. The scanner checks if the file `/etc/vmware-vpx/vcdb.properties` has write access for the 'cis' group, indicating potential vulnerability.

Description

The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.

Exploits (1)

nomisec SCANNER 12 stars

by PenteraIO · poc

https://github.com/PenteraIO/CVE-2022-22948

View Code ZIP pw:eip

This repository contains a scanner for CVE-2022-22948, an information disclosure vulnerability in VMWare vCenter. The scanner checks if the file `/etc/vmware-vpx/vcdb.properties` has write access for the 'cis' group, indicating potential vulnerability.

Classification

Scanner 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: VMWare vCenter Server

Auth required

Prerequisites: Credentials for a Linux (PhotonOS) vCenter host · Shell access

MITRE ATT&CK

T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_misc

https://www.vmware.com/security/advisories/VMSA-2022-0009.html

US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22948

Scores

CVSS v3 6.5

EPSS 0.2601

EPSS Percentile 96.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2024-07-17

VulnCheck KEV 2024-06-18

InTheWild.io 2024-07-17

ENISA EUVD EUVD-2022-28072

CWE

CWE-276

Status published

Products (4)

vmware/cloud_foundation 3.0 - 3.11

vmware/vcenter_server 6.5 (25 CPE variants)

vmware/vcenter_server 6.7 (19 CPE variants)

vmware/vcenter_server 7.0 (5 CPE variants)

Published Mar 29, 2022

KEV Added Jul 17, 2024

Tracked Since Feb 18, 2026