CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-4922

VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical information when the service gets restarted.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.4%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

http://www.securityfocus.com/bid/100012
http://www.securitytracker.com/id/1039013
https://www.vmware.com/security/advisories/VMSA-2017-0013.html
http://www.securityfocus.com/bid/100012
http://www.securitytracker.com/id/1039013
https://www.vmware.com/security/advisories/VMSA-2017-0013.html

Products affected by CVE-2017-4922

Vmware » Vcenter Server » Version: 6.5

cpe:2.3:a:vmware:vcenter_server:6.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-4922

Products

Pricing

Contact Us