[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2022-31676Date: (C)2022-08-25   (M)2023-12-22


VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.8CVSS Score :
Exploit Score: 1.8Exploit Score:
Impact Score: 5.9Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector:
Attack Complexity: LOWAccess Complexity:
Privileges Required: LOWAuthentication:
User Interaction: NONEConfidentiality:
Scope: UNCHANGEDIntegrity:
Confidentiality: HIGHAvailability:
Integrity: HIGH 
Availability: HIGH 
  
Reference:
DSA-5215
FEDORA-2022-1b8d3b2845
FEDORA-2022-1c9c0bacaf
FEDORA-2022-cd23eac6f4
GLSA-202210-27
https://lists.debian.org/debian-lts-announce/2022/08/msg00013.html
http://www.openwall.com/lists/oss-security/2022/08/23/3
https://security.netapp.com/advisory/ntap-20221017-0003/
https://www.vmware.com/security/advisories/VMSA-2022-0024.html

CPE    3
cpe:/o:linux:linux_kernel:-
cpe:/a:vmware:tools
cpe:/o:microsoft:windows:-
CWE    1
CWE-269
OVAL    26
oval:org.secpod.oval:def:507141
oval:org.secpod.oval:def:507142
oval:org.secpod.oval:def:609346
oval:org.secpod.oval:def:83404
...

© SecPod Technologies