Lucene search
VmwareCVELIST:CVE-2021-22042HistoryFeb 16, 2022 - 4:37 p.m.
CVE-2021-22042
2022-02-1616:37:54
vmware
www.cve.org
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.
CNA Affected
[
{
"product": "VMware ESXi and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878 and 7.0 U1 before ESXi70U1e-19324898) and VMware Cloud Foundation 4.x before 4.4"
}
]
}
]Related
cve
cve
CVE-2021-22042
2022-02-16 17:15:10
nvd
nvd
CVE-2021-22042
2022-02-16 17:15:10
prion
prion
Improper access control
2022-02-16 17:15:00
hivepro
hivepro
VMware addresses security flaws discovered during Tianfu Cup Pwn Contest
2022-02-16 13:43:03
nessus
nessus
VMware Fusion 12.0.x < 12.2.1 Multiple Vulnerabilities (VMSA-2022-0004)
2022-02-18 00:00:00
ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0004)
2022-03-01 00:00:00
VMware Workstation 16.0.x < 16.2.1 Multiple Vulnerabilities (VMSA-2022-0004)
2022-02-18 00:00:00
vmware
vmware
threatpost
threatpost
Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers
2022-02-16 15:59:14
thn
thn