CVE-2024-37081
Published: 18 June 2024
Summary
CVE-2024-37081 is a high-severity local privilege escalation vulnerability in VMware vCenter Server, caused by a misconfiguration of sudo on the vCenter Server Appliance. Its CVSS base score is 7.8 (High). It is catalogued here under CWE-556 (ASP.NET Misconfiguration: Use of Identity Impersonation), although the flaw itself is a sudo rule misconfiguration on the Linux-based appliance rather than an ASP.NET setting.
Operationally, it ranks in the top 2.1% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.
Deeper analysis
vCenter Server contains multiple local privilege escalation vulnerabilities caused by misconfigured sudo rules on the vCenter Server Appliance. An authenticated local user without administrative privileges can abuse these rules to run commands as root. The issues affect the vCenter Server Appliance component and carry a CVSS 3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Exploitation requires a low-privileged account with local (shell) access to the appliance; no user interaction is needed. A successful escalation to root gives full control over the appliance, including the ability to read, modify or delete arbitrary data and to disrupt availability of the vCenter Server environment.
Broadcom has published security advisories with fixed versions, available at the referenced support pages. The current EPSS score is 0.4987, with a recorded peak of 0.5028.
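The advisory describes the root cause only as "misconfiguration of sudo", and the specific rules on the appliance are not reproduced on this page. The script below is an added example, not code from the page, from VMware or from Broadcom: it audits a sudoers-format file for the rule shapes that give a non-root principal root-level execution (a NOPASSWD rule, or a command spec of ALL), and runs that audit over a constructed weak rule set and a constructed hardened one. The user names, the sudoers content and the command paths (including the `vmware-vpxd` service) are assumptions for illustration and are not the appliance's real configuration; on a real host the equivalent check is `sudo -l` as the low-privileged account, or the audit function pointed at `/etc/sudoers` and `/etc/sudoers.d/*`.

```shell
#!/bin/sh
# Audit a sudoers-format file for rules that let a non-root principal run
# commands as root without a password (NOPASSWD) or run any command at all
# (command spec ALL). These are the rule shapes behind local privilege
# escalation via sudo misconfiguration.

# Print every rule for a non-root principal that is either passwordless or
# unrestricted. Comments, blank lines, Defaults, alias definitions and
# @include directives are skipped.
risky_sudoers_rules() {
  # $1: path to a sudoers-format file
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }                 # comments, blank lines
    /^[ \t]*@/ { next }                               # @include / @includedir
    /^[ \t]*Defaults/ { next }                        # option lines
    /^[ \t]*(User_Alias|Cmnd_Alias|Host_Alias|Runas_Alias)/ { next }
    {
      if ($1 == "root") next                          # root already is root
      # Flag passwordless rules and rules whose command list ends in ALL.
      if ($0 ~ /NOPASSWD:/ || $0 ~ /ALL[ \t]*$/) print
    }
  ' "$1"
}

# Number of risky rules in the file; 0 when it is clean.
risky_sudoers_count() {
  risky_sudoers_rules "$1" | wc -l | tr -d ' '
}

# Constructed weak rule set (illustrative, not the appliance's real rules):
# a service account with passwordless root for ANY command, a backup account
# with passwordless rsync (rsync can copy arbitrary files as root), and a
# wheel group rule that makes every group member root.
write_weak_sudoers() {
  cat > "$1" <<'EOF'
Defaults env_reset
root    ALL=(ALL) ALL
%wheel  ALL=(ALL) ALL
svcuser ALL=(root) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync
monitor ALL=(root) /usr/bin/systemctl status vmware-vpxd
EOF
}

# Constructed hardened rule set: each non-root principal gets one fully
# specified command line, a password is required, and no group gets ALL.
write_hardened_sudoers() {
  cat > "$1" <<'EOF'
Defaults env_reset
root    ALL=(ALL) ALL
backup  ALL=(root) /usr/bin/rsync --archive /var/lib/vmware /backup
monitor ALL=(root) /usr/bin/systemctl status vmware-vpxd
EOF
}

WEAK=$(mktemp)
HARDENED=$(mktemp)
write_weak_sudoers "$WEAK"
write_hardened_sudoers "$HARDENED"

echo "weak rule set: $(risky_sudoers_count "$WEAK") risky rule(s)"
risky_sudoers_rules "$WEAK"
echo "hardened rule set: $(risky_sudoers_count "$HARDENED") risky rule(s)"
```

The audit deliberately flags the `%wheel` rule as well: it is a common default, but on an appliance every member of that group is effectively root, so group membership has to be reviewed alongside the sudoers file. A passwordless rule for a single binary is flagged too, because whether it is safe depends entirely on the binary (rsync, editors, shells and anything with a `--exec`-style option all yield a root shell), which is why the hardened set pins the full command line and drops NOPASSWD.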
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-36414
Vulnerability details
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
vCenter Server Appliance (the vCenter Server component named in the advisory).
Mitigating Controls
No mitigating controls are mapped on this page yet. The remediation is to apply the fixed vCenter Server builds listed in the Broadcom advisory; until that is done, limit which accounts have local shell access to the appliance, since exploitation requires an authenticated, non-administrative local user.