VMware修補vCenter Server的遠端執行漏洞
支付動態 · 2024-06-19

VMware在6月18日公布並修補影響虛擬化管理軟體vCenter Server的3項安全漏洞,可導致遠端程式攻擊以及本地端權限擴充

背景圖片取自Milad Fakurian on Unsplash

VMware周二(6/18)修補了位於vCenter Server的3個安全漏洞,其中的CVE-2024-37079與CVE-2024-37080屬於堆積溢位漏洞,可導致遠端程式攻擊,其CVSS風險評分高達9.8,另一個CVE-2024-37081則是本地端權限擴充漏洞,CVSS風險評分為7.8。

vCenter Server為VMware所開發的虛擬化管理軟體,相關漏洞影響採用該軟體的VMware vSphere與VMware Cloud Foundation。根據VMware的說明,vCenter Server在實現分散式運算環境/遠端呼叫系統(DCE/RPC)協定時,出現了多個堆積溢位漏洞,將允許可藉由網路存取vCenter Server的駭客傳送特製封包來觸發漏洞,進而導致遠端程式攻擊。

至於CVE-2024-37081則含有多個本地端權限擴張漏洞,源自於sudo的配置錯誤,將允許僅具備一般權限的本地端用戶取得最高權限。

目前尚未發現上述漏洞遭到濫用,VMware督促用戶應儘快修補。

Popular articles
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
What’s on the SBC Summit Conference Agenda in 2026?
Marketing
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
DB Gaming Is One of Asia’s Top-Tier Game Solution Providers, Recognized as a Pioneer in the Asian Gaming Industry.
Marketing
PropellerAds Positions Itself as a Go-To Traffic Source for iGaming Advertisers Ahead of a High-Demand Season
Marketing
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
GAT Expo CDMX 2026 Kicks Off Today in Mexico with a Sold-Out Opening Reception at Big Bola Casino Santa Fe
Marketing
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
Home
Game
Cooperation
Find
My