Lucene search
VmwareCVELIST:CVE-2024-22275HistoryMay 21, 2024 - 5:29 p.m.
CVE-2024-22275
2024-05-2117:29:45
vmware
www.cve.org
7
vcenter server
file read vulnerability
cve-2024-22275
administrative privileges
sensitive data
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
5
Confidence
High
EPSS
0
Percentile
9.0%
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U2b",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3q",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "n/a",
"versions": [
{
"lessThan": "5.1.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.x"
}
]
}
]Related
nvd
nvd
CVE-2024-22275
2024-05-21 18:15:09
cve
cve
CVE-2024-22275
2024-05-21 18:15:09
vulnrichment
vulnrichment
CVE-2024-22275
2024-05-21 17:29:45
nessus
nessus
VMware Fusion 13.0.x < 13.5.1 Multiple Vulnerabilities (VMSA-2024-0011)
2024-08-22 00:00:00
VMware Workstation 17.0.x < 17.5.1 Multiple Vulnerabilities (VMSA-2024-0011)
2024-08-22 00:00:00
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
5
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-22275