exploitDog

GHSA-27hx-pvj5-2hqg

Опубликовано: 17 фев. 2022

Источник: github

Github: Не прошло ревью

Описание

VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.

VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.

Ссылки

EPSS

Процентиль: 73%

0.00818

Низкий

CVE ID

Дефекты

CWE-367

Связанные уязвимости

CVE-2021-22043

CVSS3: 7.5

nvd

больше 3 лет назад

VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.

BDU:2022-02313

CVSS3: 7.8

fstec

больше 3 лет назад

Уязвимость платформы виртуализации VMware Cloud Foundation и гипервизора VMware ESXi, связанная с ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 73%

0.00818

Низкий

CVE ID

Дефекты

CWE-367