CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-4947

VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.276

EPSS Ranking 96.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://www.securityfocus.com/bid/102852
http://www.securitytracker.com/id/1040289
http://www.securitytracker.com/id/1040290
https://www.vmware.com/security/advisories/VMSA-2018-0006.html
http://www.securityfocus.com/bid/102852
http://www.securitytracker.com/id/1040289
http://www.securitytracker.com/id/1040290
https://www.vmware.com/security/advisories/VMSA-2018-0006.html

Products affected by CVE-2017-4947

Vmware » Vrealize Automation » Version: 7.2.0

cpe:2.3:a:vmware:vrealize_automation:7.2.0
Vmware » Vrealize Automation » Version: 7.3.0

cpe:2.3:a:vmware:vrealize_automation:7.3.0
Vmware » Vsphere Integrated Containers » Version: Any

cpe:2.3:a:vmware:vsphere_integrated_containers:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-4947

Products

Pricing

Contact Us