CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6978

vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts. Admin user of the vROps application with shell access may exploit this issue to elevate the privileges to root on a vROps machine. Note: the admin user (non-sudoer) should not be confused with root of the vROps machine.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.6%

CVSS Severity

CVSS v3 Score 6.7

CVSS v2 Score 7.2

References

Products affected by CVE-2018-6978

Vmware » Vrealize Operations » Version: 6.6.0

cpe:2.3:a:vmware:vrealize_operations:6.6.0
Vmware » Vrealize Operations » Version: 6.6.1

cpe:2.3:a:vmware:vrealize_operations:6.6.1
Vmware » Vrealize Operations » Version: 6.7.0

cpe:2.3:a:vmware:vrealize_operations:6.7.0
Vmware » Vrealize Operations » Version: 7.0.0

cpe:2.3:a:vmware:vrealize_operations:7.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6978

Products

Pricing

Contact Us