The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
References
Link | Resource |
---|---|
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1740 | |
https://www.vmware.com/security/advisories/VMSA-2023-0014.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Jul 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Jun 2023, 12:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-22 12:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-20895
Mitre link : CVE-2023-20895
CVE.ORG link : CVE-2023-20895
JSON object : View
Products Affected
vmware
- vcenter_server
CWE
CWE-787
Out-of-bounds Write