CVE-2024-38830: Local privilege escalation vulnerability

7.8 CVSS

Description

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.

Classification

CVE ID: CVE-2024-38830

CVSS Base Severity: HIGH

CVSS Base Score: 7.8

Affected Products

Vendor: VMware

Product: VMware Aria Operations

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199

Timeline

2024-11-27 14:41:57 UTC
CVE

Local privilege escalation vulnerability