Lucene search

K
cveVmwareCVE-2024-22256
HistoryMar 07, 2024 - 10:15 a.m.

CVE-2024-22256

2024-03-0710:15:07
vmware
web.nvd.nist.gov
84
cve
vmware
cloud director
information disclosure
vulnerability
nvd

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.2

Confidence

High

EPSS

0

Percentile

9.8%

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance.

Affected configurations

Nvd
Node
vmwarecloud_directorRange10.4.010.5.1.1
VendorProductVersionCPE
vmwarecloud_director*cpe:2.3:a:vmware:cloud_director:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "VMware Cloud Director",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "VMware Cloud Director 10.5.x, 10.4.x"
      }
    ]
  }
]

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.2

Confidence

High

EPSS

0

Percentile

9.8%