Lucene search
VmwareCVELIST:CVE-2021-21999HistoryJun 23, 2021 - 11:16 a.m.
CVE-2021-21999
2021-06-2311:16:41
vmware
www.cve.org
0.0004 Low
EPSS
Percentile
16.0%
VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf’ in an unrestricted directory which would allow code to be executed with elevated privileges.
CNA Affected
[
{
"product": "VMware Tools for Windows, VMware Remote Console for Windows and VMware App Volumes",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103)"
}
]
}
]Related
nessus
nessus
VMware Tools 11.x < 11.2.6 Privilege Escalation (VMSA-2021-0013)
2021-07-02 00:00:00
openvas
openvas
VMware Tools Privilege Escalation Vulnerability (VMSA-2021-0013) - Windows
2023-01-10 00:00:00
zdi
zdi
vmware
vmware
nvd
nvd
CVE-2021-21999
2021-06-23 12:15:07
cve
cve
CVE-2021-21999
2021-06-23 12:15:07
prion
prion
Privilege escalation
2021-06-23 12:15:00
hivepro
hivepro
thn
thn
Critical Auth Bypass Bug Affects VMware Carbon Black App Control
2021-06-24 08:00:00
threatpost
threatpost
Critical VMware Carbon Black Bug Allows Auth Bypass
2021-06-24 15:31:31