CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-10228

The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. This vulnerability, CVE-2024-10228, was fixed in Vagrant VMWare Utility 1.0.23

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.4%

CVSS Severity

CVSS v3 Score 3.8

References

https://discuss.hashicorp.com/t/hcsec-2024-25-vagrant-vmware-utility-installation-files-vulnerable-to-modification-by-unprivileged-user

Products affected by CVE-2024-10228

Hashicorp » Vagrant Vmware Utility » Version: Any

cpe:2.3:a:hashicorp:vagrant_vmware_utility:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-10228

Products

Pricing

Contact Us