Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vmwareVMwareVMSA-2017-0013
HistoryJul 27, 2017 - 12:00 a.m.

VMware vCenter Server and Tools updates resolve multiple security vulnerabilities

2017-07-2700:00:00
www.vmware.com
501

0.004 Low

EPSS

Percentile

74.6%

JSON

a. Insecure library loading through LD_LIBRARY_PATH

VMware vCenter Server contains an insecure library loading issue that occurs due to the use of LD_LIBRARY_PATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation.

Note: In order to exploit this issue an attacker should be able to trick the admin to execute wrapper scripts from a world writable directory.

VMware would like to thank Thorsten TΓΌllmann, researcher at Karlsruhe Institute of Technology for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4921 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

CPENameOperatorVersion
vcenter serverlt6.5 U1
vmware toolslt10.0.9

Related

nessus 9
ubuntucve 1
f5 1
openvas 6
fedora 2
prion 4
cvelist 4
redhatcve 1
mageia 1
veracode 1
nvd 4
cve 4
debiancve 1
nessus
nessus
VMware vCenter Server Appliance 6.5 < 6.5 U1 Multiple Vulnerabilities (VMSA-2017-0013)
2017-07-31 00:00:00
SUSE SLED12 / SLES12 Security Update : open-vm-tools (SUSE-SU-2017:0702-1)
2017-03-16 00:00:00
openSUSE Security Update : open-vm-tools (openSUSE-2017-385)
2017-03-28 00:00:00
ubuntucve
ubuntucve
CVE-2015-5191
2017-07-28 00:00:00
f5
f5
K84583382 : VMware Tools vulnerability CVE-2015-5191
2021-12-06 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0702-1)
2021-04-19 00:00:00
Fedora Update for open-vm-tools FEDORA-2017-08ec8b6dc4
2017-08-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0705-1)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: open-vm-tools-10.1.5-5.fc26
2017-07-26 18:23:47
[SECURITY] Fedora 25 Update: open-vm-tools-10.1.5-5.fc25
2017-08-02 20:52:12
prion
prion
Hardcoded credentials
2017-07-28 21:29:00
Information disclosure
2017-08-01 16:29:00
Information disclosure
2017-08-01 16:29:00
cvelist
cvelist
CVE-2015-5191
2017-07-27 00:00:00
CVE-2017-4923
2017-08-01 16:00:00
CVE-2017-4922
2017-08-01 16:00:00
redhatcve
redhatcve
CVE-2015-5191
2017-07-25 08:18:48
mageia
mageia
Updated open-vm-tools packages fix security vulnerability
2017-10-05 23:08:40
veracode
veracode
Race Condition
2022-07-05 08:13:56
nvd
nvd
CVE-2015-5191
2017-07-28 21:29:00
CVE-2017-4923
2017-08-01 16:29:00
CVE-2017-4922
2017-08-01 16:29:00
cve
cve
CVE-2017-4923
2017-08-01 16:29:00
CVE-2015-5191
2017-07-28 21:29:00
CVE-2017-4922
2017-08-01 16:29:00
debiancve
debiancve
CVE-2015-5191
2017-07-28 21:29:00

0.004 Low

EPSS

Percentile

74.6%

JSON
Related for VMSA-2017-0013
nessus9ubuntucve1f51openvas6fedora2prion4cvelist4redhatcve1mageia1veracode1nvd4cve4debiancve1