Dün Broadcom tarafından critical güvenlik açğı tespit edildi. En kısa sürede bu patch’i geçmeniz gerekmektedir.
CVE-2024-38812, CVE-2024-38813
| Advisory ID: | VMSA-2024-0019.3 |
| Severity: | Critical |
| CVSSv3 Range: | 7.5-9.8 |
| Synopsis: | VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) |
| Issue date: | 2024-09-17 |
| Updated on: | 2024-10-21 |
| CVE(s) | CVE-2024-38812, CVE-2024-38813 |
1. Impacted Products
- VMware vCenter Server
- VMware Cloud Foundation
| VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| VMware vCenter Server | 8.0 | Any | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | 8.0 U3d [1] | None | FAQ |
|
VMware vCenter Server |
8.0 | Any |
CVE-2024-38812, CVE-2024-38813 |
9.8, 7.5 | Critical |
8.0 U2e | None | FAQ |
| VMware vCenter Server | 7.0 | Any |
CVE-2024-38812, CVE-2024-38813 |
Critical
|
7.0 U3t [1] | None | FAQ | |
| VMware Cloud Foundation | 5.x | Any | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | Async patch to 8.0 U3d [1] | None | Async Patching Guide: KB88287 |
|
VMware Cloud Foundation |
5.1.x | Any | CVE-2024-38812, CVE-2024-38813 | Critical | Async patch to 8.0 U2e | None | Async Patching Guide: KB88287 | |
| VMware Cloud Foundation | 4.x | Any | CVE-2024-38812, CVE-2024-38813 | 9.8, 7.5 | Critical | Async patch to 7.0 U3t [1] | None | Async Patching Guide: KB88287 |
