6.8 CVE-2024-37085

CISA Kev Catalog Patch
 

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
https://nvd.nist.gov/vuln/detail/CVE-2024-37085

Categories

CWE-287

CWE-305

References

af854a3a-2127-422b-91ae-364da2661108 Patch

security@vmware.com Patch


 

CPE

cpe start end
Configuration 1
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* >= 4.0 < 5.2
cpe:2.3:o:vmware:esxi:7.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*


REMEDIATION


Patch

Url
https://support.broadcom.com/web/ecx/support-content-notification/-/external/...
https://support.broadcom.com/web/ecx/support-content-notification/-/external/...


EXPLOITS


Exploit-db.com

id description date
No known exploits

POC Github

Url

Other Nist (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry