CVE-2017-4922
Last modified
CVE-2017-4922 is a vulnerability of currently unknown severity. VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical information when the service gets restarted.. EPSS estimates a 1.32% chance of exploitation in the next 30 days.
Description
VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical information when the service gets restarted.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Vcenter Server | 6.5 |
References
- http://www.securityfocus.com/bid/100012Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039013Third Party Advisory, VDB Entry
- https://www.vmware.com/security/advisories/VMSA-2017-0013.htmlPatch, Vendor Advisory
- http://www.securityfocus.com/bid/100012Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039013Third Party Advisory, VDB Entry
- https://www.vmware.com/security/advisories/VMSA-2017-0013.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-4922?
How severe is CVE-2017-4922?
How do I fix CVE-2017-4922?
Are you affected by CVE-2017-4922?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST