VMSA-2024-0020 – VMware NSX – Multiple Vulnerabilities
VMware by Broadcom has released a VMware NSX update that addresses three vulnerabilities: CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815.
Impacted Products:
- VMware NSX
- VMware Cloud Foundation
CVE-2024-38817 | VMware NSX command injection vulnerability
Description:
VMware NSX contains a command injection vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7. A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root.
Resolution:
To remediate CVE-2024-38817, update to the version listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Response Matrix:
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version | Workarounds |
|---|---|---|---|---|---|---|
| NSX | 4.x | CVE-2024-38817 | 6.7 | Moderate | 4.2.1 | None |
| NSX-T | 3.x | CVE-2024-38817 | 6.7 | Moderate | 3.2.4.1 | None |
| Cloud Foundation (NSX) | 5.x | CVE-2024-38817 | 6.7 | Moderate | Async Patch to 4.2.1 | None |
| Cloud Foundation (NSX-T) | 4.x | CVE-2024-38817 | 6.7 | Moderate | Async Patch to 3.2.4.1 | None |
CVE-2024-38818 | VMware NSX local privilege escalation vulnerability
Description:
VMware NSX contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7. An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned.
Resolution:
To remediate CVE-2024-38818, update to the version listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
CVE-2024-38815 | VMware NSX content spoofing vulnerability
Description:
VMware NSX contains a content spoofing vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker-controlled domain leading to sensitive information disclosure.
Resolution:
To remediate CVE-2024-38815, update to the version listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Response Matrix:
| VMware Product | Version | CVE | CVSSv3 | Severity | Fixed Version | Workarounds |
|---|---|---|---|---|---|---|
| NSX | 4.x | CVE-2024-38818, CVE-2024-38815 | 6.7, 4.3 | Moderate | 4.2.1 | None |
| NSX-T | 3.x | CVE-2024-38818, CVE-2024-38815 | 6.7, 4.3 | Moderate | Not Impacted | NA |
| Cloud Foundation (NSX) | 5.x | CVE-2024-38818, CVE-2024-38815 | 6.7, 4.3 | Moderate | Async Patch to 4.2.1 | None |
| Cloud Foundation (NSX-T) | 4.x | CVE-2024-38818, CVE-2024-38815 | 6.7, 4.3 | Moderate | Not Impacted | NA |
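As an added example (not VMware's tooling and not part of the advisory), the following Python maps an installed NSX or NSX-T build number against both Response Matrices above and lists the CVEs that remain unremediated, treating the 3.x train as "Not Impacted" for CVE-2024-38818 and CVE-2024-38815 exactly as the matrix does. The host names and versions in the sample inventory are constructed; for Cloud Foundation deployments, supply the NSX component version that the async patch delivers.

```python
# Added example: compare a deployed NSX / NSX-T version with the fixed versions
# published in VMSA-2024-0020. Not VMware code; the fixed-version values below
# are copied from the advisory's Response Matrix, everything else is assumed.

# Fixed version per CVE and major train. None means the advisory lists that
# train as "Not Impacted" for the CVE.
FIXED_VERSIONS = {
    "CVE-2024-38817": {4: "4.2.1", 3: "3.2.4.1"},
    "CVE-2024-38818": {4: "4.2.1", 3: None},
    "CVE-2024-38815": {4: "4.2.1", 3: None},
}


def parse_version(v: str) -> tuple[int, ...]:
    """Turn '3.2.4.1' into (3, 2, 4, 1) so releases compare numerically, not as strings."""
    return tuple(int(part) for part in v.strip().split("."))


def outstanding_cves(installed: str) -> list[str]:
    """Return the VMSA-2024-0020 CVEs that the given NSX version is still exposed to.

    A train the advisory does not cover raises ValueError rather than being
    reported as clean, so an unsupported release never slips through as patched.
    """
    ver = parse_version(installed)
    major = ver[0]
    exposed = []
    for cve, per_train in FIXED_VERSIONS.items():
        if major not in per_train:
            raise ValueError(f"{installed}: train {major}.x is not listed in VMSA-2024-0020")
        fixed = per_train[major]
        if fixed is None:
            continue  # "Not Impacted" for this train
        if ver < parse_version(fixed):
            exposed.append(cve)
    return exposed


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = [("nsx-mgr-a", "4.1.2"), ("nsx-mgr-b", "4.2.1"), ("nsxt-legacy", "3.2.3")]
    for host, version in inventory:
        print(f"{host} ({version}): {', '.join(outstanding_cves(version)) or 'patched'}")
```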
You can also check my VMware Product Release page for more information regarding released products, release notes, and download links.
Sources:
Broadcom Blog Post