6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
a. VMware Linux based vmrun utility local privilege escalationVMware vmrun is a utility that is used to perform various tasks on virtual machines. The vmrun utility runs on any platform with VIX libraries installed. It is installed in VMware Workstation by default.In non-standard filesystem configurations, an attacker with the ability to place files into a predefined library path, could take execution control of vmrun.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-1126 to this issue.VMware would like to thank Tim Brown for reporting this issue to us.Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
CPE | Name | Operator | Version |
---|---|---|---|
workstation | lt | 7.1.4 build 385536 | |
workstation | lt | updated version of vmrun |