Hashicorp: >> Vagrant Vmware Fusion >> 5.0.2 Security Vulnerabilities
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-29
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-29