Home

Description

The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.

PUBLISHED Reserved 2024-01-08 | Published 2024-05-21 | Updated 2024-08-01 | Assigner vmware




HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

Authenticated remote-code execution vulnerability

Product status

Default status
unaffected

8.0 (custom) before 8.0 U2b
affected

7.0 (custom) before 7.0 U3q
affected

Default status
unaffected

5.x (custom) before 5.1.1
affected

4.x
affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/24308

support.broadcom.com/...l/content/SecurityAdvisories/0/24308

cve.org (CVE-2024-22274)

nvd.nist.gov (CVE-2024-22274)

Download JSON