Lucene search

K
vmwareVMwareVMSA-2023-0023.1
HistoryOct 25, 2023 - 12:00 a.m.

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities (CVE-2023-34048, CVE-2023-34056)

2023-10-2500:00:00
www.vmware.com
4
vmware
vcenter server
updates
out-of-bounds write
information disclosure
vulnerabilities
cve-2023-34048
cve-2023-34056
dcerpc protocol
severity
cvssv3
software

6.4 Medium

AI Score

Confidence

Low

0.044 Low

EPSS

Percentile

92.4%

3a. VMware vCenter Server Out-of-Bounds Write Vulnerability (CVE-2023-34048)

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

3b. VMware vCenter Server Partial Information Disclosure Vulnerability (CVE-2023-34056)

vCenter Server contains a partial information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3.

6.4 Medium

AI Score

Confidence

Low

0.044 Low

EPSS

Percentile

92.4%