CVE-2024-22275

Summary

The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vCenter Server8.0 < 8.0 U2baffected
n/aVMware vCenter Server7.0 < 7.0 U3qaffected
n/aVMware Cloud Foundation (vCenter Server)5.x < 5.1.1affected
n/aVMware Cloud Foundation (vCenter Server)4.xaffected

Weaknesses

  • Partial file read vulnerability

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References