CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own organization's scope.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371

Configurations

No configuration.

History

No history.

Information

Published : 2024-06-27 21:15

Updated : 2024-12-02 18:15

NVD link : CVE-2024-22272

Mitre link : CVE-2024-22272

CVE.ORG link : CVE-2024-22272

JSON object : View

Products Affected

No product.

CWE

CWE-862

Missing Authorization

4.9 /10