Remediation steps to resolve CVE-2024-23807 in vCenter server
Article ID: 391190
Updated On:
Products
VMware vCenter Server
Issue/Introduction
vCenter Server version 8.0 U3d, is being flagged for CVE-224-23807 when scanned for Tools to assess Vulnerability
Environment
vCenter Server 8.0 U3d and later
Cause
This is a known issue with Apache Xerces XML parser, and Broadcom security is working resolving the issue in Photon OS 4.0.
Resolution
VMware Security Team believes the vulnerability is not exploitable in normal circumstances with the current configuration but the fix is still planned for future releases of vCenter server.
Feedback
Yes
No
Powered by
