Known Vulnerabilities
CVE-2023-34056
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
MEDIUM
CVSS 4.3
Published Oct 25, 2023
CVE-2023-34048
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
CRITICAL
CVSS 9.8
Published Oct 25, 2023