HTTP: VMware HCX listExtensions SQL injection
This signature detects attempts to exploit a known vulnerability against VMware HCX. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available to remediate this vulnerability in affected VMware products.
Affected Products
Vmware vmware_hcx
Short Name
HTTP:SQL:INJ:VMWARE-HCX-LST-EXT
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2024-38814 HCX SQL VMware injection listExtensions
Release Date
03/05/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3788
False Positive
Unknown
Vendors
Vmware