CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
20.0%
Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka “Virtual Machine Manager Elevation of Privilege Vulnerability.”
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | virtual_machine_manager | 2012 | cpe:2.3:a:microsoft:virtual_machine_manager:2012:r2_rollup4:*:*:*:*:*:* |