cvelistv5 - cve-2024-38814

CVE-2024-38814 (GCVE-0-2024-38814)

Vulnerability from cvelistv5 – Published: 2024-10-16 16:59 – Updated: 2024-10-16 17:53

Summary

An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available to remediate this vulnerability in affected VMware products.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

vmware

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	N/A	VMware HCX	Affected: VMware HCX 4.8.0-4.8.2, VMware HCX 4.9.0-4.9.1, VMware HCX 4.10.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "vmware_hcx",
            "vendor": "vmware",
            "versions": [
              {
                "lessThanOrEqual": "4.8.2",
                "status": "affected",
                "version": "4.8.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "4.9.1",
                "status": "affected",
                "version": "4.9.0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "4.10.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38814",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-16T17:47:00.928170Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-16T17:53:24.283Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "VMware HCX",
          "vendor": "N/A",
          "versions": [
            {
              "status": "affected",
              "version": "VMware HCX 4.8.0-4.8.2, VMware HCX 4.9.0-4.9.1, VMware HCX 4.10.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\n malicious authenticated user with non-administrator privileges may be \nable to enter specially crafted SQL queries and perform unauthorized \nremote code execution on the HCX manager.\u0026nbsp;\nUpdates are available to remediate this vulnerability in affected VMware products. \n\n\n\u003cstrong\u003e \u003c/strong\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\n malicious authenticated user with non-administrator privileges may be \nable to enter specially crafted SQL queries and perform unauthorized \nremote code execution on the HCX manager.\u00a0\nUpdates are available to remediate this vulnerability in affected VMware products."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-16T16:59:20.174Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-38814",
    "datePublished": "2024-10-16T16:59:20.174Z",
    "dateReserved": "2024-06-19T22:31:57.187Z",
    "dateUpdated": "2024-10-16T17:53:24.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.8.0\", \"versionEndIncluding\": \"4.8.2\", \"matchCriteriaId\": \"15F4C6D8-CF9F-4341-8315-0E4B38E641A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.9.0\", \"versionEndIncluding\": \"4.9.1\", \"matchCriteriaId\": \"7DBB07C1-116E-4C35-9614-C8495BFCF894\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vmware_hcx:4.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAD018FC-6937-4DB3-9518-14B6D4A41C41\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\\n malicious authenticated user with non-administrator privileges may be \\nable to enter specially crafted SQL queries and perform unauthorized \\nremote code execution on the HCX manager.\\u00a0\\nUpdates are available to remediate this vulnerability in affected VMware products.\"}, {\"lang\": \"es\", \"value\": \"VMware recibi\\u00f3 un informe privado sobre una vulnerabilidad de inyecci\\u00f3n SQL autenticada en VMware HCX. Un usuario autenticado malintencionado con privilegios que no sean de administrador podr\\u00eda ingresar consultas SQL especialmente manipuladas y ejecutar c\\u00f3digo remoto no autorizado en el administrador HCX. Hay actualizaciones disponibles para solucionar esta vulnerabilidad en los productos VMware afectados.\"}]",
      "id": "CVE-2024-38814",
      "lastModified": "2024-10-21T18:20:53.267",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-10-16T17:15:16.237",
      "references": "[{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019\", \"source\": \"security@vmware.com\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-38814\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-10-16T17:15:16.237\",\"lastModified\":\"2024-10-21T18:20:53.267\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\\n malicious authenticated user with non-administrator privileges may be \\nable to enter specially crafted SQL queries and perform unauthorized \\nremote code execution on the HCX manager.\u00a0\\nUpdates are available to remediate this vulnerability in affected VMware products.\"},{\"lang\":\"es\",\"value\":\"VMware recibi\u00f3 un informe privado sobre una vulnerabilidad de inyecci\u00f3n SQL autenticada en VMware HCX. Un usuario autenticado malintencionado con privilegios que no sean de administrador podr\u00eda ingresar consultas SQL especialmente manipuladas y ejecutar c\u00f3digo remoto no autorizado en el administrador HCX. Hay actualizaciones disponibles para solucionar esta vulnerabilidad en los productos VMware afectados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.8.0\",\"versionEndIncluding\":\"4.8.2\",\"matchCriteriaId\":\"15F4C6D8-CF9F-4341-8315-0E4B38E641A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.9.0\",\"versionEndIncluding\":\"4.9.1\",\"matchCriteriaId\":\"7DBB07C1-116E-4C35-9614-C8495BFCF894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vmware_hcx:4.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAD018FC-6937-4DB3-9518-14B6D4A41C41\"}]}]}],\"references\":[{\"url\":\"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38814\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-16T17:47:00.928170Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*\"], \"vendor\": \"vmware\", \"product\": \"vmware_hcx\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.8.2\"}, {\"status\": \"affected\", \"version\": \"4.9.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.9.1\"}, {\"status\": \"affected\", \"version\": \"4.10.0\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-16T17:51:07.505Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"N/A\", \"product\": \"VMware HCX\", \"versions\": [{\"status\": \"affected\", \"version\": \"VMware HCX 4.8.0-4.8.2, VMware HCX 4.9.0-4.9.1, VMware HCX 4.10.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\\n malicious authenticated user with non-administrator privileges may be \\nable to enter specially crafted SQL queries and perform unauthorized \\nremote code execution on the HCX manager.\\u00a0\\nUpdates are available to remediate this vulnerability in affected VMware products.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\\n malicious authenticated user with non-administrator privileges may be \\nable to enter specially crafted SQL queries and perform unauthorized \\nremote code execution on the HCX manager.\u0026nbsp;\\nUpdates are available to remediate this vulnerability in affected VMware products. \\n\\n\\n\u003cstrong\u003e \u003c/strong\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-89\", \"description\": \"CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-10-16T16:59:20.174Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-38814\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-16T17:53:24.283Z\", \"dateReserved\": \"2024-06-19T22:31:57.187Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-10-16T16:59:20.174Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0896

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans VMware HCX. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	HCX	HCX versions 4.8.x antérieures à 4.8.3
VMware	HCX	HCX versions 4.9.x antérieures à 4.9.2
VMware	HCX	HCX versions 4.10.x antérieures à 4.10.1

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 25019

2024-10-16

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HCX versions 4.8.x ant\u00e9rieures \u00e0 4.8.3",
      "product": {
        "name": "HCX",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "HCX versions 4.9.x ant\u00e9rieures \u00e0 4.9.2",
      "product": {
        "name": "HCX",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "HCX versions 4.10.x ant\u00e9rieures \u00e0 4.10.1",
      "product": {
        "name": "HCX",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-38814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38814"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0896",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans VMware HCX. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
  "title": "Vuln\u00e9rabilit\u00e9 dans VMware HCX",
  "vendor_advisories": [
    {
      "published_at": "2024-10-16",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25019",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019"
    }
  ]
}

CERTFR-2025-AVI-0177

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

VMware indique que les vulnérabilités CVE-2025-222234, CVE-2025-22225 et CVE-2025-22226 sont activement exploitées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Cloud Foundation	VMware Cloud Foundation versions 4.5.x sans le correctif de sécurité ESXi70U3s-24585291
VMware	Telco Cloud Platform	VMware Telco Cloud Platorm sans le correctif de sécurité KB389385
VMware	ESXi	VMware ESXi versions 7.0 sans le correctif de sécurité ESXi70U3s-24585291
VMware	Cloud Foundation	VMware Cloud Foundation versions 5.x sans le correctif de sécurité ESXi80U3d-24585383
VMware	Fusion	VMware Fusion 13.x versions antérieures à 13.6.3
VMware	ESXi	VMware ESXi versions 8.0 sans le correctif de sécurité ESXi80U2d-24585300 ou ESXi80U3d-24585383
VMware	Telco Cloud Infrastructure	VMware Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB389385
VMware	Workstation	VMware Workstation versions 17.x antérieures à 17.6.3

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 25466	2025-03-04	vendor-advisory
Bulletin de sécurité VMware 25390	2025-03-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware Cloud Foundation versions 4.5.x sans le correctif de s\u00e9curit\u00e9 ESXi70U3s-24585291",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Telco Cloud Platorm sans le correctif de s\u00e9curit\u00e9 KB389385",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions 7.0 sans le correctif de s\u00e9curit\u00e9 ESXi70U3s-24585291",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Cloud Foundation versions 5.x sans le correctif de s\u00e9curit\u00e9 ESXi80U3d-24585383",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Fusion 13.x versions ant\u00e9rieures \u00e0 13.6.3",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions 8.0  sans le correctif de s\u00e9curit\u00e9 ESXi80U2d-24585300 ou ESXi80U3d-24585383",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9  KB389385",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Workstation versions 17.x ant\u00e9rieures \u00e0 17.6.3",
      "product": {
        "name": "Workstation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-22224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22224"
    },
    {
      "name": "CVE-2024-38814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38814"
    },
    {
      "name": "CVE-2025-22226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22226"
    },
    {
      "name": "CVE-2025-22225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22225"
    }
  ],
  "links": [],
  "reference": "CERTFR-2025-AVI-0177",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-03-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.\n\nVMware indique que les vuln\u00e9rabilit\u00e9s CVE-2025-222234, CVE-2025-22225 et  CVE-2025-22226 sont activement exploit\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25466",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25466"
    },
    {
      "published_at": "2025-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25390",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
    }
  ]
}

CERTFR-2024-AVI-0896

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans VMware HCX. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	HCX	HCX versions 4.8.x antérieures à 4.8.3
VMware	HCX	HCX versions 4.9.x antérieures à 4.9.2
VMware	HCX	HCX versions 4.10.x antérieures à 4.10.1

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 25019

2024-10-16

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HCX versions 4.8.x ant\u00e9rieures \u00e0 4.8.3",
      "product": {
        "name": "HCX",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "HCX versions 4.9.x ant\u00e9rieures \u00e0 4.9.2",
      "product": {
        "name": "HCX",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "HCX versions 4.10.x ant\u00e9rieures \u00e0 4.10.1",
      "product": {
        "name": "HCX",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-38814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38814"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0896",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans VMware HCX. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
  "title": "Vuln\u00e9rabilit\u00e9 dans VMware HCX",
  "vendor_advisories": [
    {
      "published_at": "2024-10-16",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25019",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019"
    }
  ]
}

CERTFR-2025-AVI-0177

Vulnerability from certfr_avis - Published: - Updated:

VMware indique que les vulnérabilités CVE-2025-222234, CVE-2025-22225 et CVE-2025-22226 sont activement exploitées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Cloud Foundation	VMware Cloud Foundation versions 4.5.x sans le correctif de sécurité ESXi70U3s-24585291
VMware	Telco Cloud Platform	VMware Telco Cloud Platorm sans le correctif de sécurité KB389385
VMware	ESXi	VMware ESXi versions 7.0 sans le correctif de sécurité ESXi70U3s-24585291
VMware	Cloud Foundation	VMware Cloud Foundation versions 5.x sans le correctif de sécurité ESXi80U3d-24585383
VMware	Fusion	VMware Fusion 13.x versions antérieures à 13.6.3
VMware	ESXi	VMware ESXi versions 8.0 sans le correctif de sécurité ESXi80U2d-24585300 ou ESXi80U3d-24585383
VMware	Telco Cloud Infrastructure	VMware Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB389385
VMware	Workstation	VMware Workstation versions 17.x antérieures à 17.6.3

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 25466	2025-03-04	vendor-advisory
Bulletin de sécurité VMware 25390	2025-03-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware Cloud Foundation versions 4.5.x sans le correctif de s\u00e9curit\u00e9 ESXi70U3s-24585291",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Telco Cloud Platorm sans le correctif de s\u00e9curit\u00e9 KB389385",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions 7.0 sans le correctif de s\u00e9curit\u00e9 ESXi70U3s-24585291",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Cloud Foundation versions 5.x sans le correctif de s\u00e9curit\u00e9 ESXi80U3d-24585383",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Fusion 13.x versions ant\u00e9rieures \u00e0 13.6.3",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions 8.0  sans le correctif de s\u00e9curit\u00e9 ESXi80U2d-24585300 ou ESXi80U3d-24585383",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9  KB389385",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Workstation versions 17.x ant\u00e9rieures \u00e0 17.6.3",
      "product": {
        "name": "Workstation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-22224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22224"
    },
    {
      "name": "CVE-2024-38814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38814"
    },
    {
      "name": "CVE-2025-22226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22226"
    },
    {
      "name": "CVE-2025-22225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22225"
    }
  ],
  "links": [],
  "reference": "CERTFR-2025-AVI-0177",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-03-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.\n\nVMware indique que les vuln\u00e9rabilit\u00e9s CVE-2025-222234, CVE-2025-22225 et  CVE-2025-22226 sont activement exploit\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25466",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25466"
    },
    {
      "published_at": "2025-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25390",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
    }
  ]
}

FKIE_CVE-2024-38814

Vulnerability from fkie_nvd - Published: 2024-10-16 17:15 - Updated: 2024-10-21 18:20

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@vmware.com	https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019	Third Party Advisory

Impacted products

Vendor	Product	Version
vmware	vmware_hcx	*
vmware	vmware_hcx	*
vmware	vmware_hcx	4.10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F4C6D8-CF9F-4341-8315-0E4B38E641A8",
              "versionEndIncluding": "4.8.2",
              "versionStartIncluding": "4.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBB07C1-116E-4C35-9614-C8495BFCF894",
              "versionEndIncluding": "4.9.1",
              "versionStartIncluding": "4.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_hcx:4.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAD018FC-6937-4DB3-9518-14B6D4A41C41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\n malicious authenticated user with non-administrator privileges may be \nable to enter specially crafted SQL queries and perform unauthorized \nremote code execution on the HCX manager.\u00a0\nUpdates are available to remediate this vulnerability in affected VMware products."
    },
    {
      "lang": "es",
      "value": "VMware recibi\u00f3 un informe privado sobre una vulnerabilidad de inyecci\u00f3n SQL autenticada en VMware HCX. Un usuario autenticado malintencionado con privilegios que no sean de administrador podr\u00eda ingresar consultas SQL especialmente manipuladas y ejecutar c\u00f3digo remoto no autorizado en el administrador HCX. Hay actualizaciones disponibles para solucionar esta vulnerabilidad en los productos VMware afectados."
    }
  ],
  "id": "CVE-2024-38814",
  "lastModified": "2024-10-21T18:20:53.267",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "security@vmware.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-16T17:15:16.237",
  "references": [
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "security@vmware.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-FFHG-6H3Q-652P

Vulnerability from github – Published: 2024-10-16 18:31 – Updated: 2024-10-21 18:30

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-38814"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-16T17:15:16Z",
    "severity": "HIGH"
  },
  "details": "An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\n malicious authenticated user with non-administrator privileges may be \nable to enter specially crafted SQL queries and perform unauthorized \nremote code execution on the HCX manager.\u00a0\nUpdates are available to remediate this vulnerability in affected VMware products.",
  "id": "GHSA-ffhg-6h3q-652p",
  "modified": "2024-10-21T18:30:45Z",
  "published": "2024-10-16T18:31:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38814"
    },
    {
      "type": "WEB",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-38814 (GCVE-0-2024-38814)

CERTFR-2024-AVI-0896

Solutions

CERTFR-2025-AVI-0177

Solutions

CERTFR-2024-AVI-0896

Solutions

CERTFR-2025-AVI-0177

Solutions

FKIE_CVE-2024-38814

GHSA-FFHG-6H3Q-652P

Tags

Sightings

Nomenclature