The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2023-06-22T11:47:19.390Z
Updated: 2024-12-05T19:48:19.259Z
Reserved: 2022-11-01T15:41:50.394Z
Link: CVE-2023-20892
Vulnrichment
Updated: 2024-08-02T09:21:33.432Z
NVD
Status : Modified
Published: 2023-06-22T12:15:09.870
Modified: 2024-11-21T07:41:46.000
Link: CVE-2023-20892
Redhat
No data.