Lucene search
VmwareCVELIST:CVE-2024-38813HistorySep 17, 2024 - 5:13 p.m.
CVE-2024-38813 Privilege escalation vulnerability
2024-09-1717:13:13
CWE-250
CWE-273
vmware
www.cve.org
5
cve-2024-38813
privilege escalation
vcenter server
network access
root privileges
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U3b",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3s",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
]Related
cve
cve
CVE-2024-38813
2024-09-17 18:15:04
vulnrichment
vulnrichment
CVE-2024-38813 Privilege escalation vulnerability
2024-09-17 17:13:13
nvd
nvd
CVE-2024-38813
2024-09-17 18:15:04
nessus
nessus
thn
thn
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
2024-09-18 05:08:00
rapid7blog
rapid7blog
High-risk vulnerabilities in common enterprise technologies
2024-09-19 20:45:57
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
Related for CVELIST:CVE-2024-38813