Overview
- Description
- An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available to remediate this vulnerability in affected VMware products.
- Source
- security@vmware.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
VMware fixes high-severity SQL injection CVE-2024-38814 in HCX https://t.co/H1ZHmWvzfK
@Cyberdailybrief
8 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMSA-2024-0021: Addressing SQL Injection Vulnerability in VMware HCX (CVE-2024-38814) https://t.co/GOghxVqW2p https://t.co/TrrJqBSPfS
@shbertin
1 Nov 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMSA-2024-0021: Addressing SQL Injection Vulnerability in VMware HCX (CVE-2024-38814) https://t.co/a2JUD0ikfx https://t.co/nI4yw77LHG
@shbertin
31 Oct 2024
20 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
VMware HCX-də “SQL inyeksiyası” boşluğu (CVE-2024-38814) aşkar olunub. #ETX #certaz #cybersecurity #xəbərdarlıq https://t.co/XCSfhayp1i
@CERTAzerbaijan
21 Oct 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMSA-2024-0021: Addressing SQL Injection Vulnerability in VMware HCX (CVE-2024-38814) https://t.co/H5glQgvEFL https://t.co/NDyXhtqWQx
@scandaletti
20 Oct 2024
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VMware fixes a high-severity SQL injection flaw (CVE-2024-38814) in #HCX. #Cybersecurity #infosec #CyberSecMonth #ThinkB4Uclick https://t.co/x5TOx6vq59 https://t.co/90D5LkqFrl
@twelvesec
19 Oct 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX: VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution… https://t.co/Nel2KThvpQ https://t.co/
@shah_sheikh
2 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-38814 An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be … https://t.co/jP2Eg5WmSO
@CVEnew
252 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMSA-2024-0021: Addressing SQL Injection Vulnerability in VMware HCX (CVE-2024-38814) https://t.co/aAno8BgOpI https://t.co/SwJtoGibJW
@AngrySysOps
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware Patches High-Severity SQL Injection Flaw in HCX Platform: VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager. The post VMware Patches High-Severity SQL Injection… https://t.co/t71XQyJJBX htt
@shah_sheikh
48 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX - #WEBOUNCER next level security by https://t.co/3ZPWK35LoY https://t.co/6qMgRv9yD2
@WEBOUNCER_
27 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Broadcom Warns of High-Risk VMware HCX Vulnerability (CVE-2024-38814) https://t.co/XEkRNdrBTC
@Dinosn
2871 Impressions
13 Retweets
46 Likes
7 Bookmarks
0 Replies
0 Quotes
CVE-2024-38814: SQL Injection vulnerability in VMWare HCX Vulnerability Details: https://t.co/5IzEXTEiOJ #PatchNOW #VMWare #Vulnerability #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #CyberSecurityAwareness #DataBreach https://t.co/olt3u6E
@patchnow24x7
10 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX https://t.co/HFRW4PvD5z #BreakingNews https://t.co/rPj6MSeVoL
@evanderburg
39 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: High Authenticated SQL Injection in @VMwareHCX. #CVE-2024-38814 CVSS: 8.8. This vulnerability can lead to remote code execution #RCE! #Patch #Patch #Patch https://t.co/3dMkCUvleb
@CCBalert
215 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-38814: SQL Injection vulnerability in VMWare HCX Technical Details and Analysis: https://t.co/5IzEXTEiOJ #PatchNOW #VMWare #Vulnerability #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #CyberSecurityAwareness #DataBreach https://t.c
@patchnow24x7
321 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
2 Quotes
CVE-2024-38814: SQL Injection vulnerability in VMWare HCX Vulnerability Details: https://t.co/5IzEXTEiOJ #PatchNOW #VMWare #Vulnerability #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #CyberSecurityAwareness #DataBreach https://t.co/QyDkwbx
@patchnow24x7
4 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-38814: SQL Injection vulnerability in VMWare HCX Vulnerability Details: https://t.co/5IzEXTEiOJ #PatchNOW #VMWare #Vulnerability #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #CyberSecurityAwareness #DataBreach https://t.
@patchnow24x7
49 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
به تازگی برای VMware آسیب پذیری با کد شناسایی CVE-2024-38814 از نوع sqlinjection منتشر شده است. این آسیب پذیری بدون نیاز به دسترسی admin از طریق تغییر SQL queries اجازه اجرای کد بر روی HCX manager را به هکرها می دهد. https://t.co/Y2P1U3eX7Y https://t.co/zyDVLhytJI
@AmirHossein_sec
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VMware fixes high-severity #SQL_injection #Vulnerabilities #flaw CVE-2024-38814 in #HCX https://t.co/JA6mfzbqsF https://t.co/rrxbo6osTY
@omvapt
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMSA-2024-0021: Addressing SQL Injection Vulnerability in VMware HCX (CVE-2024-38814) Continue reading at https://t.co/EDFvn9ArZH https://t.co/4M3o3AkXRq https://t.co/l5s8OgqrVq
@Jotape_VM
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware’s HCX Security Snafu: Patch Now or Risk Remote Code Chaos! Hot Take: VMware's HCX platform has a new dance partner: a remote code execution vulnerability! This CVE-2024-38814 flaw may not have a catchy name, but with a CVSS score of 8.8, it's definitely making headlines…
@TheNimbleNerd
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager. CVSS 8.8/10 https://t.co/UixW5HhGQn
@ryanaraine
5040 Impressions
4 Retweets
13 Likes
5 Bookmarks
2 Replies
1 Quote
VMware HCX SQL Enjeksiyon Zaafiyeti (CVE-2024-38814) https://t.co/xETbmeR9nw
@cyberwebeyeos
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware fixes CVE-2024-38814 in HCX #VMwareHCX #CVE-2024-38814 https://t.co/C2cy1E18qt
@pravin_karthik
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware's new nightmare: CVE-2024-38814 lets low-level hackers seize control of core systems. Are your data centers safe? Full breach details inside. #CyberSecurity #TechNews https://t.co/fGHo8ynxTM
@geeknik
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15F4C6D8-CF9F-4341-8315-0E4B38E641A8",
"versionEndIncluding": "4.8.2",
"versionStartIncluding": "4.8.0"
},
{
"criteria": "cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DBB07C1-116E-4C35-9614-C8495BFCF894",
"versionEndIncluding": "4.9.1",
"versionStartIncluding": "4.9.0"
},
{
"criteria": "cpe:2.3:a:vmware:vmware_hcx:4.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BAD018FC-6937-4DB3-9518-14B6D4A41C41"
}
],
"operator": "OR"
}
]
}
]