101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Server stats:

478
active users

#vcenterserver

0 posts0 participants0 posts today

Critical Vulnerabilities in VMware vCenter Server

Date: June 18, 2024
CVE: CVE-2024-37079, CVE-2024-37080, CVE-2024-37081
Vulnerability Type: Buffer Overflow, Memory Corruption
CWE: [[CWE-787]], [[CWE-416]], [[CWE-125]]
Sources: SecurityWeek, Cybersecurity News, Broadcom VMware advisory

Synopsis

Multiple critical vulnerabilities in VMware vCenter Server have been identified, potentially allowing remote code execution (RCE). These issues, detailed in VMware's security advisory VMSA-2024-0012, include CVE-2023-34048, which affects the DCE/RPC protocol implementation. The DCE/RPC (Distributed Computing Environment / Remote Procedure Call) protocol is a network protocol developed by the Open Group. It enables communication between client and server applications by allowing a program to request services from a program located on another computer within a network. DCE/RPC is based on the concept of remote procedure calls (RPC), which facilitate the execution of code on a remote system as if it were local.

Issue Summary

VMware vCenter Server, a key management component for VMware environments, contains several critical vulnerabilities. If exploited, these could allow attackers to execute arbitrary code remotely. The most critical of these, CVE-2023-34048, has been rated with a CVSS score of 9.8, indicating high severity.

Technical Key Findings

The vulnerabilities primarily involve memory corruption issues such as heap overflow and use-after-free errors in the DCE/RPC protocol. These can be exploited by sending specially crafted packets to the vCenter Server, leading to remote code execution and potential system compromise.

Vulnerable Products

  • vCenter Server 8.0
  • vCenter Server 7.0
  • VMware Cloud Foundation versions 4.x and 5.x

**Response Matrix:

| VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| ------------------ | ----------- | -------------- | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------- | --------------- | ------------------------------------------------------------------------ |
| vCenter Server | 8.0 | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.89.87.8 | Critical | 8.0 U2d | None | FAQ |
| vCenter Server | 8.0 | Any | CVE-2024-37079, CVE-2024-37080 | 9.89.8 | Critical | 8.0 U1e | None | FAQ |
| vCenter Server | 7.0 | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.89.87.8 | Critical | 7.0 U3r | None | FAQ |

**

Impacted Product Suites that Deploy Response Matrix 3a and 3b Components:

*

| VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| --------------------------------- | ----------- | -------------- | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------- | --------------- | ------------------------------------------------------------------------ |
| Cloud Foundation (vCenter Server) | 5.x | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.89.87.8 | Critical | KB88287 | None | FAQ |
| Cloud Foundation (vCenter Server) | 4.x | Any | CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 | 9.89.87.8 | Critical | KB88287 | None | FAQ |

Impact Assessment

Successful exploitation of these vulnerabilities could result in complete control over the affected systems, allowing attackers to perform any action, including data theft, service disruption, and further network compromise.

Patches or Workarounds

VMware has released patches to address these vulnerabilities. Administrators are advised to update to the fixed versions (8.0 U2d, 7.0 U3r) . There are no available workarounds.

Tags

#VMware #vCenterServer #CVE-2023-34048 #RemoteCodeExecution #PatchManagement #Cybersecurity

Cyber Security News · Multiple VMware vCenter Server Flaws Allow Remote Code ExecutionVMware has released a critical security advisory, VMSA-2024-0012, addressing multiple vulnerabilities in VMware vCenter Server, a core component of VMware vSphere and VMware Cloud Foundation products.