VMware NSX Injection Vulnerability Allows Root Access
CVE-2024-38817

6.7MEDIUM

Key Information:

Vendor

VMware
Status
Vmware Nsx, Vmware Cloud Foundation
Vendor
CVE Published:
9 October 2024

Badges

đź“° News Worthy

What is CVE-2024-38817?

VMware NSX contains a command injection vulnerability. 

A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root.

Affected Version(s)

VMware NSX, VMware Cloud Foundation VMware NSX 4.1.x, NSX-T 3.2.x

News Articles

favicon imageCyber Security News

VMware NSX Vulnerabilities Allow Hackers To Execute Arbitrary Commands

VMware has issued a critical advisory (VMSA-2024-0020) detailing multiple vulnerabilities in its NSX and Cloud Foundation products.

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by Cyber Security News

  • Vulnerability published

.
CVE-2024-38817 : VMware NSX Injection Vulnerability Allows Root Access