The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Broadcom
Broadcom vmware Cloud Foundation Broadcom vmware Vcenter Server |
|
CPEs | cpe:2.3:a:vmware:vcenter_server:*:*:*:*:*:*:*:* |
cpe:2.3:a:broadcom:vmware_cloud_foundation:*:*:*:*:*:*:*:* cpe:2.3:a:broadcom:vmware_vcenter_server:*:*:*:*:*:*:*:* |
Vendors & Products |
Vmware
Vmware cloud Foundation Vmware vcenter Server |
Broadcom
Broadcom vmware Cloud Foundation Broadcom vmware Vcenter Server |
Wed, 18 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vmware
Vmware cloud Foundation Vmware vcenter Server |
|
CPEs | cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Vmware
Vmware cloud Foundation Vmware vcenter Server |
|
Metrics |
ssvc
|
Tue, 17 Sep 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. | |
Title | Heap-overflow vulnerability | |
Weaknesses | CWE-122 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2024-09-17T17:13:09.778Z
Updated: 2024-09-19T13:01:26.135Z
Reserved: 2024-06-19T22:31:57.187Z
Link: CVE-2024-38812
Vulnrichment
Updated: 2024-09-18T13:49:47.197Z
NVD
Status : Received
Published: 2024-09-17T18:15:03.920
Modified: 2024-09-17T18:15:03.920
Link: CVE-2024-38812
Redhat
No data.