CVE-2024-22272: VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization...

4.9 CVSS

Description

VMware Cloud Director contains an Improper Privilege Management vulnerability.

An authenticated tenant administrator for a
given organization within VMware Cloud Director may be able to
accidentally disable their organization leading to a Denial of Service
for active sessions within their own organization's scope.

Classification

CVE ID: CVE-2024-22272

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.9

Affected Products

Vendor: N/A

Product: VMware Cloud Director

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24371

Timeline

2024-12-03 00:11:45 UTC
CVE

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization...