[ { "advisoryKey": "VMSA-2024-0001", "affectedPackages": [ { "identifier": "VMware ESXi 7.0", "platform": null, "provenance": [ { "fieldMask": [], "kind": "affected", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMware ESXi 7.0" } ], "statuses": [], "type": "vendor", "versionRanges": [ { "fixedVersion": "7.0u3f", "introducedVersion": "7.0", "lastAffectedVersion": null, "primitives": { "evr": null, "hasVendorExtensions": true, "nevra": null, "semVer": { "constraintExpression": null, "fixed": null, "fixedInclusive": false, "introduced": "7.0", "introducedInclusive": true, "lastAffected": null, "lastAffectedInclusive": false }, "vendorExtensions": { "vmware.product": "VMware ESXi 7.0", "vmware.version.raw": "7.0", "vmware.fixedVersion.raw": "7.0u3f" } }, "provenance": { "fieldMask": [], "kind": "range", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMware ESXi 7.0" }, "rangeExpression": "7.0", "rangeKind": "vendor" } ] }, { "identifier": "VMware vCenter Server 8.0", "platform": null, "provenance": [ { "fieldMask": [], "kind": "affected", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMware vCenter Server 8.0" } ], "statuses": [], "type": "vendor", "versionRanges": [ { "fixedVersion": "8.0a", "introducedVersion": "8.0", "lastAffectedVersion": null, "primitives": { "evr": null, "hasVendorExtensions": true, "nevra": null, "semVer": { "constraintExpression": null, "fixed": null, "fixedInclusive": false, "introduced": "8.0", "introducedInclusive": true, "lastAffected": null, "lastAffectedInclusive": false }, "vendorExtensions": { "vmware.product": "VMware vCenter Server 8.0", "vmware.version.raw": "8.0", "vmware.fixedVersion.raw": "8.0a" } }, "provenance": { "fieldMask": [], "kind": "range", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMware vCenter Server 8.0" }, "rangeExpression": "8.0", "rangeKind": "vendor" } ] } ], "aliases": [ "CVE-2024-1000", "CVE-2024-1001", "VMSA-2024-0001" ], "cvssMetrics": [], "exploitKnown": false, "language": "en", "modified": "2024-04-01T10:00:00+00:00", "provenance": [ { "fieldMask": [], "kind": "document", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "https://vmware.example/api/vmsa/VMSA-2024-0001.json" }, { "fieldMask": [], "kind": "mapping", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMSA-2024-0001" } ], "published": "2024-04-01T10:00:00+00:00", "references": [ { "kind": "kb", "provenance": { "fieldMask": [], "kind": "reference", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "https://kb.vmware.example/90234" }, "sourceTag": "kb", "summary": null, "url": "https://kb.vmware.example/90234" }, { "kind": "advisory", "provenance": { "fieldMask": [], "kind": "reference", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html" }, "sourceTag": "advisory", "summary": null, "url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html" } ], "severity": null, "summary": "Security updates for VMware ESXi 7.0 and vCenter Server 8.0 resolve multiple vulnerabilities.", "title": "VMware ESXi and vCenter Server updates address vulnerabilities" }, { "advisoryKey": "VMSA-2024-0002", "affectedPackages": [ { "identifier": "VMware Cloud Foundation 5.x", "platform": null, "provenance": [ { "fieldMask": [], "kind": "affected", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMware Cloud Foundation 5.x" } ], "statuses": [], "type": "vendor", "versionRanges": [ { "fixedVersion": "5.1.1", "introducedVersion": "5.1", "lastAffectedVersion": null, "primitives": { "evr": null, "hasVendorExtensions": true, "nevra": null, "semVer": { "constraintExpression": null, "fixed": "5.1.1", "fixedInclusive": false, "introduced": "5.1", "introducedInclusive": true, "lastAffected": null, "lastAffectedInclusive": false }, "vendorExtensions": { "vmware.product": "VMware Cloud Foundation 5.x", "vmware.version.raw": "5.1", "vmware.fixedVersion.raw": "5.1.1" } }, "provenance": { "fieldMask": [], "kind": "range", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMware Cloud Foundation 5.x" }, "rangeExpression": "5.1", "rangeKind": "vendor" } ] } ], "aliases": [ "CVE-2024-2000", "VMSA-2024-0002" ], "cvssMetrics": [], "exploitKnown": false, "language": "en", "modified": "2024-04-02T09:00:00+00:00", "provenance": [ { "fieldMask": [], "kind": "document", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "https://vmware.example/api/vmsa/VMSA-2024-0002.json" }, { "fieldMask": [], "kind": "mapping", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "VMSA-2024-0002" } ], "published": "2024-04-02T09:00:00+00:00", "references": [ { "kind": "kb", "provenance": { "fieldMask": [], "kind": "reference", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "https://kb.vmware.example/91234" }, "sourceTag": "kb", "summary": null, "url": "https://kb.vmware.example/91234" }, { "kind": "advisory", "provenance": { "fieldMask": [], "kind": "reference", "recordedAt": "2024-04-05T00:00:00+00:00", "source": "vmware", "value": "https://www.vmware.com/security/advisories/VMSA-2024-0002.html" }, "sourceTag": "advisory", "summary": null, "url": "https://www.vmware.com/security/advisories/VMSA-2024-0002.html" } ], "severity": null, "summary": "An update is available for VMware Cloud Foundation components to address a remote code execution vulnerability.", "title": "VMware Cloud Foundation remote code execution vulnerability" } ]