Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-21116

Опубликовано: 16 апр. 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
Версия до 7.0.16 (исключая)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.002
Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-276

Связанные уязвимости

ubuntu логотип

CVE-2024-21116

CVSS3: 7.8
ubuntu
почти 2 года назад

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

debian логотип

CVE-2024-21116

CVSS3: 7.8
debian
почти 2 года назад

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...

github логотип

GHSA-h4r9-mgj3-f327

CVSS3: 7.8
github
почти 2 года назад

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

fstec логотип

BDU:2024-03501

CVSS3: 7.8
fstec
почти 2 года назад

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю повысить свои привилегии

redos логотип

ROS-20240723-05

CVSS3: 8.8
redos
больше 1 года назад

Множественные уязвимости VirtualBox

EPSS

Процентиль: 42%
0.002
Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-276