VDB
CVE-2024-37087
CVE-2024-37087
PUBLISHED
Es besteht eine Schwachstelle in VMware Cloud Foundation und VMware vCenter Server. Dieser Fehler wurde noch nicht im Detail veröffentlicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
EPSS 0.64% · 70.9th percentile
Risk Scores
EPSS Score
0.64%
70.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell Storage PowerStore | |
| VMware | VMware vCenter Server <8.0 U3 | |
| VMware | VMware Cloud Foundation | |
| VMware | VMware vCenter Server <7.0 U3q |
Timeline
- Jun 25, 2024 CVE Published
- Jun 26, 2024 EPSS Score
- Jun 28, 2024 PoC Published
- Jul 18, 2024 EPSS Score
- Jul 30, 2024 PoC Published
- Jul 30, 2024 PoC Published
- Aug 1, 2024 PoC Published
- Aug 10, 2024 EPSS Score
- Sep 1, 2024 EPSS Score
- Sep 24, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 16, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1460.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1460 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 advisory
- https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/ exploit
- https://www.dell.com/support/kbdoc/de-de/000228074/dsa-2024-365-dell-powerstore-family-security-update-for-vmware-vulnerabilities advisory