CVE-2024-22277

Summary

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks.

Affected Software

VendorProductVersion RangeStatus
N/AVMware Cloud Director AvailabilityVMware Cloud Director Availability 4.xaffected

Weaknesses

  • HTML Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References