VMware vCenter Server: Out-of-Bounds Write [CVE-2023-34048] & Partial Information Disclosure [CVE-2023-34056] – January 25, 2024 Ingrid VMware vCenter Server (developed to manage the complexity of cloud, on-prem, and hybrid environments) has an out-of-bounds write [CVE-2023-34048] and a partial information disclosure [CVE-2023-34056] vulnerability. Severity CVE-2023-34048 = 9.8 CVSS (Critical) CVE-2023-34056 = 4.3 CVSS (Moderate) Learn more about severity. What To Do Updates are available to remediate these vulnerabilities in affected VMware products. Resources NVD, “CVE-2023-34048 Detail” NVD, “CVE-2023-34056 Detail” VMware Advisory Status This vulnerability is currently being researched. Additional information will be available shortly. Be sure to enable the New vulnerabilities are supported within Bitsight email preference. Related articles Compromised System Findings Attack Surface: Probable Infrastructure Forms of Attacks Groma Internet Scanning and Data Collection Infrastructure – July 25, 2024 PATCH: Update a Collaboration Registration Form Feedback 0 comments Please sign in to leave a comment.