VMware vCenter Server Multiple Vulnerabilities

Last Update Date: 22 Jan 2024 Release Date: 26 Oct 2023 4863 Views

RISK: High Risk

High Risk

TYPE: Servers - Network Management

TYPE: Network Management

Multiple vulnerabilities were identified in VMware vCenter Server. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and remote code execution on the targeted system.

 

Note:

For CVE-2023-34048, a malicious actor with network access to vCenter Server may use this vulnerability to trigger an out-of-bounds write potentially leading to remote code execution. The CVE-2023-34048 vulnerability is being exploited in the wild.

 

[Updated on 2024-01-22] 

The CVE-2023-34048 vulnerability is being exploited in the wild. Hence, the risk level is rated from Medium Risk to High Risk.

Impact

  • Information Disclosure
  • Remote Code Execution

System / Technologies affected

  • VMware vCenter Server 7.0 and 8.0
  • VMware Cloud Foundation 4.x and 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Related Tags

VMwareRemote Code ExecutionInformation DisclosureExploit In The Wild

Share with

Previous

ChromeOS Multiple Vulnerabilities

19 Jan 2024 3627 Views

Next

SUSE Linux Kernel Multiple Vulnerabilities

18 Jan 2024 3318 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY