CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own organization's scope.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371

Configurations

No configuration.

History

02 Dec 2024, 18:15

Type	Values Removed	Values Added
CWE		CWE-862

21 Nov 2024, 08:55

Type	Values Removed	Values Added
References	~~() https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371 -~~	() https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371 -

28 Jun 2024, 10:27

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-27 21:15

Updated : 2024-12-02 18:15

NVD link : CVE-2024-22272

Mitre link : CVE-2024-22272

CVE.ORG link : CVE-2024-22272

JSON object : View

Products Affected

No product.

CWE

CWE-862

Missing Authorization

4.9 /10