CVE-2017-4943

Опубликовано: 20 дек. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vulnerability via the 'showlog' plugin. Successful exploitation of this issue could result in a low privileged user gaining root level privileges over the appliance base OS.

Ссылки

http://www.securitytracker.com/id/1040026
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2017-0021.html
Patch
Vendor Advisory
http://www.securitytracker.com/id/1040026
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2017-0021.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*

cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00034

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-4262-ffcv-r365