CVE-2024-37081
published 2024-06-18CVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 4.0 < 5.2 | 5.2 |
| vmware | vcenter_server | — | — |
| vmware | vcenter_server | — | — |