First published: Wed Oct 16 2024(Updated: )
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available to remediate this vulnerability in affected VMware products.
Credit: security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
Vmware Vmware Hcx | >=4.8.0<=4.8.2 | |
Vmware Vmware Hcx | >=4.9.0<=4.9.1 | |
Vmware Vmware Hcx | =4.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.