vulnerability

VMSA-2024-0013: VMware ESXi Active Directory Integration Authentication Bypass (CVE-2024-37085)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:M/C:C/I:C/A:C)	2024-06-28	2024-06-28	2025-01-30

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:C)

Published

2024-06-28

Added

2024-06-28

Modified

2025-01-30

Description

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

Solution(s)

vmware-esxi-7x-no-patchvmware-esxi801-upgrade-24022510vmware-esxi802-upgrade-24022510

References

CVE-2024-37085
https://attackerkb.com/topics/CVE-2024-37085
URL-https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/security-advisories/0/24505

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today