Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2024-37085
Topic description: "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. ..."
"CVE-2024-37085, a vulnerability affecting domain-joined VMWare ESXi, was first published on June 25, 2024 ..."
Link: https://attackerkb.com/assessments/1fd9c4e9-1487-45ae-974b-82567a68434a
Topic description: "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. ..."
"CVE-2024-37085, a vulnerability affecting domain-joined VMWare ESXi, was first published on June 25, 2024 ..."
Link: https://attackerkb.com/assessments/1fd9c4e9-1487-45ae-974b-82567a68434a
0
0
0