Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

Published

2024-06-25T15:15:12.377

Last Modified

2024-12-20T16:52:43.217

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Primary
CWE-287
Type: Secondary
CWE-305

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	vmware	cloud_foundation	< 5.2	Yes
Operating System	vmware	esxi	7.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes
Operating System	vmware	esxi	8.0	Yes

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 Patch, Vendor Advisory ([email protected])
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)