vCenter Server Heap Overflow Vulnerability

CVE-2024-38812
9.8CRITICAL

Key Information

Vendor
VMware
Status
Vmware Vcenter Server
Vmware Cloud Foundation
Vendor
CVE Published:
17 September 2024

Badges

🔥 No. 1 Trending😄 Trended📰 News Worthy

Summary

CVE-2024-38812 is a critical unauthenticated heap-overflow vulnerability in VMware vCenter Server that may potentially lead to remote code execution. The vulnerability affects vCenter Server versions 8.0 and 7.0, as well as VMware Cloud Foundation versions 5.x and 4.x. There are no known exploitations of this vulnerability in the wild, and VMware has released patches to fix the issue. Organizations are advised to promptly apply the recommended patches to mitigate the risk of exploitation.

Affected Version(s)

VMware vCenter Server < 8.0 U3b

VMware vCenter Server < 7.0 U3s

VMware Cloud Foundation = 5.x

News Articles

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Risk change from: null to: 9.8 - (CRITICAL)

  • 🔥

    Vulnerability reached the number 1 worldwide trending spot.

  • Vulnerability started trending.

  • First article discovered by Help Net Security

  • Vulnerability published.

Collectors

NVD DatabaseMitre Database1 News Article(s)
.