CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
5.1%
VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename.
Vendor | Product | Version | CPE |
---|---|---|---|
vmware | esx | 4.0 | cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:* |
vmware | esx | 4.1 | cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:* |
vmware | esxi | 4.0 | cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:* |
vmware | esxi | 4.0 | cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:* |
vmware | esxi | 4.0 | cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:* |
vmware | esxi | 4.0 | cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:* |
vmware | esxi | 4.0 | cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:* |
vmware | esxi | 4.1 | cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:* |
vmware | esxi | 4.1 | cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:* |
vmware | esxi | 4.1 | cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:* |
jvn.jp/en/jp/JVN13154935/index.html
jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000123.html
osvdb.org/101387
www.securityfocus.com/archive/1/530482/100/0/threaded
www.securityfocus.com/bid/64491
www.securitytracker.com/id/1029529
www.vmware.com/security/advisories/VMSA-2013-0016.html
exchange.xforce.ibmcloud.com/vulnerabilities/89938