Lucene search
+L

10 matches found

CISA
CISA
added 2024/01/22 12:0 p.m.17 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34048 VMware vCenter Server Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8CVSS9.7AI score0.99428EPSS
In wildExploits1References6
Rapid7 Blog
Rapid7 Blog
added 2024/01/19 3:40 p.m.84 views

Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server

Rapid7 is highlighting two critical vulnerabilities in outdated versions of widely deployed software this week. Atlassian disclosed CVE-2023-22527, a template injection vulnerability in Confluence Server with a maxed-out CVSS score of 10, while VMware pushed a fresh update to its October 2023...

10CVSS10AI score0.99999EPSS
Exploits123
hivepro
hivepro
added 2023/10/27 1:16 p.m.65 views

Vmware vCenter Flaws Leading to RCE Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Two vulnerabilities, CVE-2023-34048 and CVE-2023-34056, were identified in VMware vCenter Server, a server management software used for centralized management of virtual machines and ESXi hosts...

7.5CVSS7.8AI score0.99428EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/10/27 12:0 a.m.238 views

VMware vCenter Server 6.5 < 6.5U3v / 6.7 < 6.7U3t / 7.0 < 7.0U3o / 8.0 < 8.0U1d Out-of-bounds Write (VMSA-2023-0023)

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5U3v, 6.7 prior to 6.7U3t, 7.0 prior to 7.0U3o, or 8.0 prior to 8.0U1d. It is, therefore, affected by an out-of-bounds write vulnerability as referenced in the VMSA-2023-0023 advisory: - vCenter Server contains an...

9.8CVSS9.2AI score0.99428EPSS
Exploits1References3
NVD
NVD
added 2023/10/25 6:17 p.m.40 views

CVE-2023-34048

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution...

9.8CVSS10AI score0.99428EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2023/10/25 10:11 a.m.73 views

Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability

VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 CVSS score: 9.8, has been described as an out-of-bounds write vulnerability in the implementation of the DCE/R...

7.3AI score0.99428EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/10/25 6:44 a.m.43 views

Update vCenter Server now! VMWare fixes critical vulnerability

VMWare has issued an update to address one out-of-bounds write and one information disclosure vulnerability in its server management software, vCenter Server. Since there are no in-product workarounds, customers are advised to apply the updates urgently. The affected products are VMware vCenter...

7.5CVSS7.4AI score0.99428EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/10/25 4:21 a.m.37 views

CVE-2023-34048 VMware vCenter Server Out-of-Bounds Write Vulnerability

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution...

9.8CVSS7.9AI score0.99428EPSS
Exploits1References1
CVE
CVE
added 2023/10/25 4:21 a.m.496 views

CVE-2023-34048

CVE-2023-34048 affects VMware vCenter Server and Cloud Foundation via an out-of-bounds write in the DCERPC implementation that can lead to remote code execution when a attacker with network access sends a crafted request. The vulnerability is rated CVSS v3.1 base score 9.8 (CRITICAL) with network...

9.8CVSS9.9AI score0.99428EPSS
In wildExploits1References3Affected Software1
VMware
VMware
added 2023/10/25 12:0 a.m.30 views

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities (CVE-2023-34048, CVE-2023-34056)

3a. VMware vCenter Server Out-of-Bounds Write Vulnerability CVE-2023-34048 vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base sco...

7.5CVSS6.4AI score0.99428EPSS
Exploits1References8Affected Software2
Rows per page
Query Builder