
vCenter RCE vulnerabilities (CVE-2024-37079, CVE-2024-37080)


Service Advisory

Multiple vulnerabilities (CVE-2024-37079, CVE-2024-37080) have been discovered in VMware vCenter Server and Cloud Foundation, which could allow a malicious actor to execute remote code. There are no reports of these vulnerabilities being exploited in the wild.

 

CVSS Score:-
9.8/Critical

 

Description:- 
VMware vCenter Server is a central management platform for VMware vSphere, enabling the management of virtual machines and ESXi hosts. CVE-2024-37079 and CVE-2024-37080 are heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially crafted network packet potentially leading to remote code execution.

 

Affected Versions:-

  • vCenter Server versions 7.0, 8.0
  • Cloud Foundation versions 4.x and 5.x.


Impact:-

These vulnerabilities, if exploited, could lead to remote code execution.

 

Resolution:-

Apply the vendor fixes or upgrade to a patched version, as there are no workarounds available.

Reference:-

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453

https://www.cvedetails.com/cve/CVE-2024-37079/

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-vcenter-rce-vulnerability-patch-now/

https://www.helpnetsecurity.com/2024/06/18/cve-2024-37079-cve-2024-37080/ 

https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-vmware-products-could-allow-for-remote-code-execution_2024-073

 

UIT Information Security

Contact

Client Services at askit@yorku.ca or 416 736 5800

 

This email was sent by: York University, 4700 Keele Street, Toronto, Ontario M3J 1P3
