Описание
Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability."
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- VDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- VDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:virtual_machine_manager:2012:r2_rollup4:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03941
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability."
EPSS
Процентиль: 88%
0.03941
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-264