The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Broadcom |
|
| Vmware |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
No data.
References
History
Wed, 20 Nov 2024 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
ssvc
|
Wed, 02 Oct 2024 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Vmware
Vmware vcenter Server |
|
| CPEs | cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:8.0:update2d:*:*:*:*:*:* |
|
| Vendors & Products |
Vmware
Vmware vcenter Server |
Tue, 17 Sep 2024 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Broadcom
Broadcom vmware Center Server Broadcom vmware Cloud Foundation |
|
| CPEs | cpe:2.3:a:broadcom:vmware_center_server:*:*:*:*:*:*:*:* cpe:2.3:a:broadcom:vmware_cloud_foundation:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Broadcom
Broadcom vmware Center Server Broadcom vmware Cloud Foundation |
|
| Metrics |
ssvc
|
Tue, 17 Sep 2024 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | |
| Title | Privilege escalation vulnerability | |
| Weaknesses | CWE-250 CWE-273 |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2024-09-17T17:13:13.924Z
Updated: 2024-11-20T17:20:22.656Z
Reserved: 2024-06-19T22:31:57.187Z
Link: CVE-2024-38813
Vulnrichment
Updated: 2024-09-17T20:37:03.455Z
NVD
Status : Analyzed
Published: 2024-09-17T18:15:04.127
Modified: 2024-10-02T13:59:52.887
Link: CVE-2024-38813
Redhat
No data.