CVE-2015-5191

Опубликовано: 28 июл. 2017

Источник: nvd

CVSS3: 6.7

CVSS2: 3.7

EPSS Низкий

Описание

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Ссылки

http://www.securityfocus.com/bid/100011
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039013
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2017-0013.html
Vendor Advisory
http://www.securityfocus.com/bid/100011
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039013
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2017-0013.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*

Версия до 10.0.8 (включая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00066

Низкий

6.7 Medium

CVSS3

3.7 Low

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2015-5191

CVSS3: 6.7

ubuntu

больше 8 лет назад

CVE-2015-5191

redhat

больше 8 лет назад

CVE-2015-5191

CVSS3: 6.7

debian

больше 8 лет назад

VMware Tools prior to 10.0.9 contains multiple file system races in li ...

openSUSE-SU-2017:0827-1

suse-cvrf

почти 9 лет назад

Security update for open-vm-tools

openSUSE-SU-2017:0509-1

suse-cvrf

почти 9 лет назад

Security update for open-vm-tools

EPSS

Процентиль: 20%

0.00066

Низкий

6.7 Medium

CVSS3

3.7 Low

CVSS2

Дефекты

CWE-362