PRUEBA AHORA

VMware vCenter Server Vulnerability Audit – September 2024

Security Software Vulnerability

Discover VMware vCenter Server Deployments Vulnerable to CVE-2024-38812

Broadcom released a security update for VMware vCenter Server addressing 2 new vulnerabilities, one of which is critical. The most important fix is for a heap-overflow vulnerability in the implementation of the DCERPC protocol tracked as CVE-2024-38812, which received a critical CVSS score of 9.8. If successfully exploited the issue could lead to remote code execution. The update also fixes a privilege escalation vulnerability (CVE-2024-38813) with a CVSS score of 7.5. You can learn more about these security updates in our Vmware vCenter Server Vulnerability Blog.

The report below will help you locate vulnerable vCenter Server deployments. This way you have an actionable overview of all affected installs that you still need to update.

Run the VMware vCenter Server Audit Report Now!

VMware vCenter Server Audit Lansweeper On-Prem Query

Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
Coalesce(tblAssets.Version, tblVmwareProductInfo.Version) As Version,
Coalesce(tblAssets.BuildNumber, tblVmwareProductInfo.Build) As BuildNumber,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Left Join tblVmwareVcenters On tblAssets.AssetID = tblVmwareVcenters.AssetID
Left Join tblVmwareProductInfo On tblVmwareVcenters.VcenterID =
tblVmwareProductInfo.VCenterID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where
(tsysAssetTypes.Assettypename = 'VMware vCenter server' And
tblVmwareProductInfo.VCenterID Is Not Null And
((tblVmwareProductInfo.Version Like '8.0%'
And Cast(tblVmwareProductInfo.Build As bigint) < 24321653) or
(tblVmwareProductInfo.Version Like '7.0%'
And Cast(tblVmwareProductInfo.Build As bigint) < 24322018)))

Show

Hide