{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T09:59:22.172","vulnerabilities":[{"cve":{"id":"CVE-2024-38814","sourceIdentifier":"security@vmware.com","published":"2024-10-16T17:15:16.237","lastModified":"2024-10-21T18:20:53.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A\n malicious authenticated user with non-administrator privileges may be \nable to enter specially crafted SQL queries and perform unauthorized \nremote code execution on the HCX manager. \nUpdates are available to remediate this vulnerability in affected VMware products."},{"lang":"es","value":"VMware recibió un informe privado sobre una vulnerabilidad de inyección SQL autenticada en VMware HCX. Un usuario autenticado malintencionado con privilegios que no sean de administrador podría ingresar consultas SQL especialmente manipuladas y ejecutar código remoto no autorizado en el administrador HCX. Hay actualizaciones disponibles para solucionar esta vulnerabilidad en los productos VMware afectados."}],"metrics":{"cvssMetricV31":[{"source":"security@vmware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@vmware.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*","versionStartIncluding":"4.8.0","versionEndIncluding":"4.8.2","matchCriteriaId":"15F4C6D8-CF9F-4341-8315-0E4B38E641A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vmware_hcx:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.0","versionEndIncluding":"4.9.1","matchCriteriaId":"7DBB07C1-116E-4C35-9614-C8495BFCF894"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vmware_hcx:4.10.0:*:*:*:*:*:*:*","matchCriteriaId":"BAD018FC-6937-4DB3-9518-14B6D4A41C41"}]}]}],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25019","source":"security@vmware.com","tags":["Third Party Advisory"]}]}}]}