Impact of CVE-2024-38819 and CVE-2024-38820 on vCenter Server
search cancel

Impact of CVE-2024-38819 and CVE-2024-38820 on vCenter Server

book

Article ID: 385695

calendar_today

Updated On:

Products

VMware vCenter Server 7.0 VMware vCenter Server 8.0

Issue/Introduction

CVE-2024-38819 and CVE-2024-38820 affect the versions of Spring Framework

  • 5.3.0 - 5.3.40
  • 6.0.0 - 6.0.24
  • 6.1.0 - 6.1.13
  • Older, unsupported versions are also affected

Environment

VMware vCenter Server 7.0.x
VMware vCenter Server 8.0.x

Cause

vCenter Servers are using these affected versions of Spring Framework. 

Resolution

These issues were resolved in the following releases:

  • vCenter Server 7.0.3 P10
  • vCenter Server 8.0.3 P05
Powered by Wolken Software