July 24, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Quasar RAT aka CinaRAT – Active IOCs
June 26, 2024
Multiple GitHub Enterprise Server Vulnerabilities
June 26, 2024
Quasar RAT aka CinaRAT – Active IOCs
June 26, 2024
Multiple GitHub Enterprise Server Vulnerabilities
June 26, 2024
Severity
Medium
Analysis Summary
CVE-2024-37087 CVSS::5.3
VMware vCenter Server is vulnerable to a denial of service, caused by improper validation of user-supplied input within the License Server. A remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-37085 CVSS:6.8
VMware ESXi could allow a remote authenticated attacker to bypass security restrictions. By re-creating the configured AD group after it was deleted from AD, an attacker could exploit this vulnerability to gain full access to an ESXi host.
CVE-2024-37086 CVSS:6.8
VMware ESXi is vulnerable to a denial of service, caused by an out-of-bounds error. A local attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-37087
- CVE-2024-37085
- CVE-2024-37086
Affected Vendors
VMWare
Affected Products
- VMware ESXi 7.0
- VMware vCenter Server 7.0
- VMware Cloud Foundation 4.0
- VMware ESXi 8.0
- VMware vCenter Server 8.0
- VMware Cloud Foundation 5.0
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.