CVE-2024-37081

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
Configurations

No configuration.

History

03 Jul 2024, 02:04

Type Values Removed Values Added
CWE CWE-556

20 Jun 2024, 12:44

Type Values Removed Values Added
Summary
  • (es) vCenter Server contiene múltiples vulnerabilidades de escalada de privilegios locales debido a una mala configuración de sudo. Un usuario local autenticado con privilegios no administrativos puede aprovechar estos problemas para elevar los privilegios a root en vCenter Server Appliance.

18 Jun 2024, 06:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-18 06:15

Updated : 2024-07-03 02:04

NVD link : CVE-2024-37081

Mitre link : CVE-2024-37081

CVE.ORG link : CVE-2024-37081

JSON object : View

Products Affected

No product.

CWE
CWE-556

ASP.NET Misconfiguration: Use of Identity Impersonation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024