<ul><li>VMware has fixed a high-severity SQL injection flaw in HCX.</li><li>The vulnerability, tracked as CVE-2024-38814, allowed non-admin users to remotely execute code on the HCX manager.</li><li>The flaw was privately reported to VMware and an authenticated user with non-admin rights could exploit it by using crafted SQL queries.</li><li>Multiple versions of the HCX platform were impacted, but the vulnerability has been fixed in the latest updates.</li></ul>

VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

Discover more