Vulnerability Database

CVE-2023-20892

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.

  • Published: Jun 22, 2023
  • Updated: Jun 30, 2023
  • CVE: CVE-2023-20892
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

Affected software:

| Software | From | Fixed in |
|---|---|---|
| vmware / vcenter_server | 7.0 | 7.0.x |
| vmware / vcenter_server | 7.0-d | 7.0-d.x |
| vmware / vcenter_server | 7.0-c | 7.0-c.x |
| vmware / vcenter_server | 7.0-b | 7.0-b.x |
| vmware / vcenter_server | 7.0-a | 7.0-a.x |
| vmware / vcenter_server | 7.0-update1a | 7.0-update1a.x |
| vmware / vcenter_server | 7.0-update1 | 7.0-update1.x |
| vmware / vcenter_server | 7.0-update1c | 7.0-update1c.x |
| vmware / vcenter_server | 7.0-update1d | 7.0-update1d.x |
| vmware / vcenter_server | 7.0-update2 | 7.0-update2.x |
| vmware / vcenter_server | 7.0-update2a | 7.0-update2a.x |
| vmware / vcenter_server | 7.0-update2b | 7.0-update2b.x |
| vmware / vcenter_server | 7.0-update2c | 7.0-update2c.x |
| vmware / vcenter_server | 7.0-update2d | 7.0-update2d.x |
| vmware / vcenter_server | 7.0-update3 | 7.0-update3.x |
| vmware / vcenter_server | 7.0-update3a | 7.0-update3a.x |
| vmware / vcenter_server | 7.0-update3c | 7.0-update3c.x |
| vmware / vcenter_server | 7.0-update3d | 7.0-update3d.x |
| vmware / vcenter_server | 7.0-update3e | 7.0-update3e.x |
| vmware / vcenter_server | 7.0-update3f | 7.0-update3f.x |
| vmware / vcenter_server | 7.0-update3g | 7.0-update3g.x |
| vmware / vcenter_server | 7.0-update3h | 7.0-update3h.x |
| vmware / vcenter_server | 7.0-update3j | 7.0-update3j.x |
| vmware / vcenter_server | 7.0-update3k | 7.0-update3k.x |
| vmware / vcenter_server | 7.0-update3l | 7.0-update3l.x |
| vmware / vcenter_server | 7.0-update3i | 7.0-update3i.x |
| vmware / vcenter_server | 8.0-update1 | 8.0-update1.x |
| vmware / vcenter_server | 8.0-update1a | 8.0-update1a.x |
| vmware / vcenter_server | 8.0-a | 8.0-a.x |
| vmware / vcenter_server | 8.0-b | 8.0-b.x |
| vmware / vcenter_server | 8.0-c | 8.0-c.x |
| vmware / vcenter_server | 8.0 | 8.0.x |
| vmware / vcenter_server | - | 7.0 |