CSIRT Panam\u00e1 Aviso 2024-sep-3 Vulnerabilidad en VM Ware Fusion
Gravedad: Alta
Fecha de publicaci\u00f3n: septiembre 3, 2024
\u00daltima revisi\u00f3n: septiembre 3, 2024
Fuente: security@vmware.com<\/p>\n\n\n\n
Afectados:
VMware Fusion (13.x before 13.6)<\/p>\n\n\n\n
I. Descripci\u00f3n
Se inform\u00f3 a VMware sobre una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en VMware Fusion. <\/p>\n\n\n\n
<\/p>\n\n\n\n
II. Detalle
Debido al uso de una variable de entorno insegura, un actor malintencionado con privilegios de usuario est\u00e1ndar podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de la aplicaci\u00f3n Fusion.<\/p>\n\n\n\n
VMware ha evaluado la gravedad de este problema en el rango de gravedad Importante con una puntuaci\u00f3n base CVSSv3 m\u00e1xima de 8,8.<\/p>\n\n\n\n
<\/p>\n\n\n\n
III. Referencia a soluciones, herramientas e informaci\u00f3n
Para remediar la vulnerabilidad CVE-2024-38811, actualice a la version 13.6.
https:\/\/docs.vmware.com\/en\/VMware-Fusion\/13.6\/rn\/vmware-fusion-136-release-notes\/index.html<\/p>\n\n\n\n
<\/p>\n\n\n\n
IV. Informaci\u00f3n de contacto
CSIRT PANAMA
Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
E-Mail: info@cert.pa
Phone: +507 520-CERT (2378)
Web: https:\/\/cert.pa
Twitter: @CSIRTPanama
Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"
CSIRT Panam\u00e1 Aviso 2024-sep-3 Vulnerabilidad en VM Ware FusionGravedad: AltaFecha de publicaci\u00f3n: septiembre 3, 2024\u00daltima revisi\u00f3n: septiembre 3, 2024Fuente: security@vmware.com Afectados:VMware Fusion (13.x before 13.6) I. Descripci\u00f3nSe inform\u00f3 a VMware sobre una vulnerabilidad de ejecuci\u00f3n…<\/p>\n","protected":false},"author":5,"featured_media":3890,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,8,72,80,68],"class_list":["post-3889","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-avisos","tag-avisos-de-seguridad","tag-vulnerabilidad","tag-vulnerabilidades"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3889","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3889"}],"version-history":[{"count":3,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3889\/revisions"}],"predecessor-version":[{"id":3894,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3889\/revisions\/3894"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/3890"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3889"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3889"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3889"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}