{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-37085","assignerOrgId":"dcf2e128-44bd-42ed-91e8-88f912c1401d","state":"PUBLISHED","assignerShortName":"vmware","dateReserved":"2024-06-03T05:40:17.632Z","datePublished":"2024-06-25T14:16:01.280Z","dateUpdated":"2025-10-21T22:56:21.754Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"VMware ESXi","vendor":"n/a","versions":[{"lessThan":"ESXi80U3-24022510","status":"affected","version":"8.0","versionType":"custom"},{"status":"affected","version":"7.0"}]},{"defaultStatus":"unaffected","product":"VMware Cloud Foundation","vendor":"n/a","versions":[{"status":"affected","version":"5.x"},{"status":"affected","version":"4.x"}]}],"datePublic":"2024-06-25T01:30:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"VMware ESXi contains an authentication bypass vulnerability.&nbsp;A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously<strong><em> </em></strong><a target=\"_blank\" rel=\"nofollow\" href=\"https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html\">configured to use AD for user management</a><strong><em> </em></strong>by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD."}],"value":"VMware ESXi contains an authentication bypass vulnerability. 
A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management (https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html) by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.8,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"description":"Authentication bypass vulnerability","lang":"en"}]}],"providerMetadata":{"orgId":"dcf2e128-44bd-42ed-91e8-88f912c1401d","shortName":"vmware","dateUpdated":"2024-06-25T14:16:01.280Z"},"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-37085","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical 
Impact":"total"}],"version":"2.0.3","timestamp":"2024-07-31T03:55:22.790428Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2024-07-30","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-37085"}}}],"affected":[{"cpes":["cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*"],"vendor":"vmware","product":"esxi","versions":[{"status":"affected","version":"7.0"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*"],"vendor":"vmware","product":"cloud_foundation","versions":[{"status":"affected","version":"5.0","lessThan":"5.2","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*"],"vendor":"vmware","product":"cloud_foundation","versions":[{"status":"affected","version":"4.0","lessThan":"5.0","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:o:vmware:esxi:8.0:*:*:*:*:*:*:*"],"vendor":"vmware","product":"esxi","versions":[{"status":"affected","version":"8.0","lessThan":"ESXi80U3-24022510","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-37085","tags":["government-resource"]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-305","description":"CWE-305 Authentication Bypass by Primary Weakness"}]}],"timeline":[{"time":"2024-07-30T00:00:00.000Z","lang":"en","value":"CVE-2024-37085 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-21T22:56:21.754Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T03:43:50.997Z"},"title":"CVE Program Container","references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505","tags":["x_transferred"]}]}]}}