PatchWork APT Threat Actor Group – Active IOCs
October 29, 2024Quasar RAT aka CinaRAT – Active IOCs
October 30, 2024PatchWork APT Threat Actor Group – Active IOCs
October 29, 2024Quasar RAT aka CinaRAT – Active IOCs
October 30, 2024Severity
High
Analysis Summary
CVE-2024-38814
VMware HCX is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to perform unauthorized remote code execution on the HCX manager.
Impact
- Data Manipulation
Indicators of Compromise
CVE
- CVE-2024-38814
Affected Vendors
Affected Products
- VMware HCX 4.8.0
- VMware HCX 4.9.0
- VMware HCX 4.10.0
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.