What is CVE-2024-37081?

CVE-2024-37081 is a high-severity vulnerability in Vmware Cloud Foundation. CVSS score: 7.8/10. Published 2024-06-18.

How severe is CVE-2024-37081?

High severity. CVSS v3 base score is 7.8 out of 10.

Is CVE-2024-37081 known to be exploited?

8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Vmware Cloud Foundation

CVE-2024-37081

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCent…

EPSS: 0.521 (98.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

N/a Vmware Cloud Foundation — versions 5.x, 4.x
N/a Vmware Vcenter Server — versions 8.0, 7.0

Public proof-of-concept exploits

References

support.broadcom.com/web/ecx/support-content-notification/-/external/content/Se…

Frequently asked questions

What is CVE-2024-37081?: CVE-2024-37081 is a high-severity vulnerability in Vmware Cloud Foundation. CVSS score: 7.8/10. Published 2024-06-18.
How severe is CVE-2024-37081?: High severity. CVSS v3 base score is 7.8 out of 10.
Is CVE-2024-37081 known to be exploited?: 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.