Lucene search
VmwareCVE-2024-38813HistorySep 17, 2024 - 6:15 p.m.
CVE-2024-38813
2024-09-1718:15:04
CWE-250
CWE-273
vmware
web.nvd.nist.gov
59
20
vcenter server
privilege escalation
cve-2024-38813
network access
root privileges
crafted network packet
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U3b",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3s",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2024-38813 Privilege escalation vulnerability
2024-09-17 17:13:13
nvd
nvd
CVE-2024-38813
2024-09-17 18:15:04
vulnrichment
vulnrichment
CVE-2024-38813 Privilege escalation vulnerability
2024-09-17 17:13:13
nessus
nessus
thn
thn
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
2024-09-18 05:08:00
rapid7blog
rapid7blog
High-Risk Vulnerabilities in Common Enterprise Technologies
2024-09-19 20:45:57
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
Related for CVE-2024-38813