Description

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

INFO

Published Date :

2024-09-17T17:13:09.778Z

Last Modified :

2025-10-21T22:55:44.777Z

Source :

vmware
AFFECTED PRODUCTS

The following products are affected by CVE-2024-38812 vulnerability.

Vendors Products
Broadcom
  • Vmware Cloud Foundation
  • Vmware Vcenter Server
Vmware
  • Cloud Foundation
  • Vcenter Server
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-38812.

URL Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38812 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact