{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T23:37:12.952","vulnerabilities":[{"cve":{"id":"CVE-2023-34048","sourceIdentifier":"security@vmware.com","published":"2023-10-25T18:17:27.897","lastModified":"2025-10-30T19:52:27.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution."},{"lang":"es","value":"vCenter Server contiene una vulnerabilidad de escritura fuera de los límites en la implementación del protocolo DCERPC. Un actor malintencionado con acceso a la red de vCenter Server puede desencadenar una escritura fuera de los límites que podría conducir a la ejecución remota de código."}],"metrics":{"cvssMetricV31":[{"source":"security@vmware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"cisaExploitAdd":"2024-01-22","cisaActionDue":"2024-02-12","cisaRequiredAction":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"VMware vCenter Server Out-of-Bounds Write Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndIncluding":"5.5","matchCriteriaId":"561A702A-DB0C-4E67-AF6C-9994B99DA56C"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*","matchCriteriaId":"5FA81CCD-A05E-498C-820E-21980E92132F"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*","matchCriteriaId":"0EE83406-A3D9-4F75-A1A6-63831CEBEEC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*","matchCriteriaId":"FB563627-C9CF-4D8A-B882-9AB65EAE9E15"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*","matchCriteriaId":"DCA03B2A-48B2-48AD-B8EB-9D7BB2016819"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*","matchCriteriaId":"A2392D0F-D7A2-4E01-9212-1BA6C895AEBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*","matchCriteriaId":"6D731C1A-9FE5-461C-97E2-6F45E4CBABE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*","matchCriteriaId":"8725E544-2A94-4829-A683-1ECCE57A74A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*","matchCriteriaId":"0FC6765A-6584-45A8-9B21-4951D2EA8939"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*","matchCriteriaId":"85DD238C-EF73-44F0-928E-A94FF5C4B378"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*","matchCriteriaId":"F4CA36C1-732E-41AE-B847-F7411B753F3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*","matchCriteriaId":"0DA882B6-D811-4E4B-B614-2D48F0B9036E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*","matchCriteriaId":"8D30A78E-16D0-4A2E-A2F8-F6073698243E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*","matchCriteriaId":"188E103E-9568-4CE0-A984-141B2A9E82D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*","matchCriteriaId":"B266439F-E911-4C95-9D27-88DF96DDCCD5"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*","matchCriteriaId":"6508A908-EF14-4A72-AC75-5DA6F8B98A0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*","matchCriteriaId":"3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*","matchCriteriaId":"58597F18-0B23-4D21-9ABA-D9773958F10E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*","matchCriteriaId":"ADF46C54-313B-4742-A074-EEA0A6554680"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*","matchCriteriaId":"9587F800-57BC-44B6-870E-95691684FC46"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*","matchCriteriaId":"AD148A75-5076-416D-AFD6-0F281DA0A82B"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*","matchCriteriaId":"956CEA8C-F8C4-41BD-85B4-44FE3A772E50"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*","matchCriteriaId":"008AEA0F-116B-4AF8-B3A7-3041CCE25235"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*","matchCriteriaId":"EE486B2F-AED4-4FCE-A674-DFC25844FEFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*","matchCriteriaId":"4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*","matchCriteriaId":"455DD46E-A071-476D-8914-767485E45F35"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*","matchCriteriaId":"3A422D04-48DF-4A16-94F8-D5702CC2782D"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*","matchCriteriaId":"806E9219-CDF4-4E62-978E-334E96A94BA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*","matchCriteriaId":"34D8B182-4E71-4655-8DD8-743A3EF6DC8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*","matchCriteriaId":"CC974CA1-88D3-42E4-BF1F-28870F8171B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*","matchCriteriaId":"EFE63984-F69B-4593-9AEC-D179D6D98B08"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*","matchCriteriaId":"34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*","matchCriteriaId":"16F3D992-9F48-4604-9AAF-DC2D1CE98BE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*","matchCriteriaId":"C745A7E6-4760-48CD-B7C4-1C2C20217F21"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*","matchCriteriaId":"A5522514-8ED9-45DB-9036-33FE40D77E7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*","matchCriteriaId":"8C27C660-E917-4944-8B4C-41D9622B76D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*","matchCriteriaId":"56CFB469-B3E6-4503-A47C-D18206D4D19A"}]}]}],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2023-0023.html","source":"security@vmware.com","tags":["Vendor Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/understanding-cve-2023-34048-a-zero-day-out-of-bound-write-in-vcenter-server","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.vmware.com/security/advisories/VMSA-2023-0023.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-34048","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}