Products
VMware Workstation
VMware Fusion
VMware ESXi
Source
security@vmware.com
Tags
CVE-2024-22273 details
Published : May 21, 2024, 6:15 p.m.
Last Modified : May 21, 2024, 6:15 p.m.
Last Modified : May 21, 2024, 6:15 p.m.
Description
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8.1 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
8.1
Exploitability Score
Impact Score
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
| URL | Source |
|---|---|
| https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | security@vmware.com |
This website uses the NVD API, but is not approved or certified by it.