vCenter Server Heap Overflow Vulnerability
Key Information
- Vendor
- VMware
- Status
- Vmware Vcenter Server
- Vmware Cloud Foundation
- Vendor
- CVE Published:
- 17 September 2024
Badges
Summary
CVE-2024-38812 is a critical unauthenticated heap-overflow vulnerability in VMware vCenter Server that may potentially lead to remote code execution. The vulnerability affects vCenter Server versions 8.0 and 7.0, as well as VMware Cloud Foundation versions 5.x and 4.x. There are no known exploitations of this vulnerability in the wild, and VMware has released patches to fix the issue. Organizations are advised to promptly apply the recommended patches to mitigate the risk of exploitation.
Affected Version(s)
VMware vCenter Server < 8.0 U3b
VMware vCenter Server < 7.0 U3s
VMware Cloud Foundation = 5.x
News Articles
CVSS V3.1
Timeline
Risk change from: null to: 9.8 - (CRITICAL)
- 🔥
Vulnerability reached the number 1 worldwide trending spot.
Vulnerability started trending.
First article discovered by Help Net Security
Vulnerability published.