CVE-2024-22274
published 2024-05-21CVE-2024-22274: The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 4.0 < 5.1.1 | 5.1.1 |
| vmware | vcenter_server | — | — |
| vmware | vcenter_server | — | — |